WO2022267407A1 - Automated operation and maintenance tool-based proxy deployment method and apparatus - Google Patents

Automated operation and maintenance tool-based proxy deployment method and apparatus Download PDF

Info

Publication number
WO2022267407A1
WO2022267407A1 PCT/CN2021/141134 CN2021141134W WO2022267407A1 WO 2022267407 A1 WO2022267407 A1 WO 2022267407A1 CN 2021141134 W CN2021141134 W CN 2021141134W WO 2022267407 A1 WO2022267407 A1 WO 2022267407A1
Authority
WO
WIPO (PCT)
Prior art keywords
deployment
client
host name
instruction
maintenance tool
Prior art date
Application number
PCT/CN2021/141134
Other languages
French (fr)
Chinese (zh)
Inventor
曹旭东
冯坤炎
Original Assignee
深圳前海微众银行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海微众银行股份有限公司 filed Critical 深圳前海微众银行股份有限公司
Publication of WO2022267407A1 publication Critical patent/WO2022267407A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5053Lease time; Renewal aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles

Definitions

  • the present application relates to the network technology field of financial technology (Fintech), in particular to an agent deployment method and device based on automated operation and maintenance tools.
  • FreeIPA is an integrated security information management solution.
  • FreeIPA includes Linux (Fedora), 389Directory Server (lightweight directory access), MIT Kerberos (the core of domain name authentication), NTP (Network Time Protocol, Network Time Protocol), DNS (Domain Name System, Domain Name System), Dogtag (Certificate System) (an authentication system that provides a strong security framework to ensure the identity of users and the privacy of communications) and other identity authentication and policy functions. Under the freeIPA system, you need to install the freeIPA client on each machine, and register the machine with the freeIPA server to realize security information management.
  • the traditional C/S architecture release system is usually used to deploy the freeIPA client (sssd daemon process).
  • This method needs to deploy the release system on the release server and the release client to realize the deployment of the sssd daemon process.
  • the workload is heavy, the preparation period is long, and the efficiency is low.
  • Embodiments of the present application provide an agent deployment method and device based on an automated operation and maintenance tool, which can reduce deployment workload and preparation period, and improve deployment efficiency.
  • the embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool, the method including:
  • the deployment server sends a detection instruction to the deployment client based on the installed automated operation and maintenance tool; the deployment server sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool after receiving the detection passing notification;
  • the installation agent instruction is used to instruct the deployment client to obtain the agent software package from the software package manager and install the agent program; the deployment server changes the first host name to the second host name based on the automated operation and maintenance tool, The first host name is the original host name of the deployment client, and the second host name is a host name in a preset format; A registration result of the management server; the deployment server restores the second host name to the first host name based on the automated operation and maintenance tool.
  • the deployment server directly instructs the deployment client to install the agent program according to the local IP of the deployment client.
  • this application does not need to build a traditional publishing system, which can effectively reduce the deployment workload and preparation period, and improve deployment efficiency.
  • detecting the installation condition of the agent program on the deployment client can ensure the normal operation of the agent program on the deployment client.
  • the deployment server changes the original host name of the deployment client to a host name in a preset format, and restores the host name to the original host name after obtaining the registration result of the deployment client on the management server.
  • the host name of each deployment client in the management server is a host name in a preset format, and the preset format can be set as required, so that the management server can manage each deployment client.
  • restoring the host name to the original host name can also prevent other services from being abnormal due to the change of the host name when the original host name is applied to other services. That is, in the case of ensuring the normal operation of each service of the deployed client, the convenience of managing the deployed client is improved.
  • the installation agent instruction after sending the installation agent instruction to the deployment client, it also includes:
  • the deployment server monitors the installation status of the deployment client based on the automated operation and maintenance tool; if the installation is not successful within a preset period of time, an end installation instruction is sent to the deployment client based on the automated operation and maintenance tool .
  • the automated operation and maintenance tool in the deployment server sets a monitoring process for each deployment client to monitor the loading process of the agent package of the client. If it is determined that the deployment client does not receive the described The agent software package sent by the software package manager; the deployment server will send an end installation instruction to end the installation of the agent program. In this way, the deployment client is prevented from continuously trying to connect to the package manager to obtain the agent package, which leads to waste of resources.
  • the deployment server changes the first hostname to the second hostname based on the automated operation and maintenance tool, it includes: the deployment server detects that the deployment client is based on the automated operation and maintenance tool After the terminal is successfully installed, send a host name change instruction; the host name change instruction is used to instruct the deployment client to use the second host name as the host name of the deployment client;
  • the deployment server restores the second host name to the first host name based on the automated operation and maintenance tool, including:
  • the deployment server sends a host name restoration instruction to the deployment client based on the automated operation and maintenance tool; the host name restoration instruction is used to instruct the deployment client to update the first host name to the deployment client The hostname of the client.
  • the first host name that does not conform to the preset format is changed to the second host name that conforms to the preset format. For example, change the first host name that uses a meaningless character string as the host name to the second host name that complies with the rules of the second-level domain name.
  • the deployment client can communicate with the management server through the second host name to perform registration management and the like.
  • the deployment server sends the host name recovery command to the deployment client, so that other services communicate with the client through the first host name, preventing other services from failing to restore the first host name. In case of failure to operate normally, ensure the reliability of services provided by the deployment client.
  • the installation agent instruction after sending the installation agent instruction to the deployment client, it also includes:
  • the deployment server sends an address addition instruction to the deployment client based on the automated operation and maintenance tool, the address addition instruction includes a search instruction, and the address addition instruction is used to instruct the deployment client
  • the address addition instruction includes a search instruction
  • the address addition instruction is used to instruct the deployment client
  • the deployment server sends an address addition instruction to the deployment client to add the domain name and IP address of the management server to the domain name file of the deployment client.
  • this application prevents the domain name and IP address of the management server from being deployed in the client.
  • the original domain name file is lost, resulting in abnormalities in services that rely on the original domain name file; and the agent program can check the current domain name file according to the search command in the address addition command.
  • the target location of the domain name file already contains the IP address and domain name of the management server, the address of the target location is duplicated due to the addition, and the process of adding the domain name file is simplified.
  • the deployment server after sending the address addition instruction to the deployment client, it further includes: the deployment server sends a registration instruction to the deployment client based on the automated operation and maintenance tool, and the registration instruction is used to indicate the The deployment client adds the domain name and IP address of the management server to the authentication configuration file, and authenticates the management server according to the authentication configuration file.
  • the domain name and IP address of the management server in the domain name file are added to the authentication configuration file, so that the deployment client can perform authentication with the management server according to the domain name and IP address of the management server in the authentication configuration file, ensuring Authentication reliability.
  • the deployment server further includes: the deployment server obtains the If the registration of the deployment client is completed, a test instruction is sent to the deployment client, and the test instruction is used to instruct the deployment client to test whether the registration with the management server is successful.
  • the deployment server acquires the registration completion status of the deployment client based on the automated operation and maintenance tool. If the registration is completed, a test instruction is sent to the deployment client, so that the deployment client tests whether the registration of the deployment client in the management server is successful. If it fails, you can re-initiate the agent deployment process, or initiate a registration failure alarm, and the staff will handle it accordingly. Ensure the reliability of the deployment client registration on the management server.
  • the deployment server after sending the installation agent instruction to the deployment client, it further includes: the deployment server obtains the successful registration status of the deployment client based on the automated operation and maintenance tool, and the deployment server obtains the registration success status based on the deployment server
  • the automated operation and maintenance tool sends a configuration change instruction to the deployment client, where the configuration change instruction is used to instruct the deployment client to add a configuration file to the target location of the agent program.
  • the deployment server can also send a configuration change instruction to the deployment client based on the automatic operation and maintenance tool, so that the deployment client can add a configuration file to the target location of the agent program.
  • the corresponding configuration file is overwritten directly in the agent program, resulting in the loss of the original configuration file, which affects the abnormality of modules that implement corresponding functions based on the original configuration file.
  • This application can guarantee the reliability of the operation of the deployment client.
  • the embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool.
  • the method includes: deploying the automated operation and maintenance tool installed on the server side, and sending a detection instruction to the deployment client;
  • the detection instruction detects that the authentication configuration file is included locally, and the authentication file contains a preset sentence, generates a detection pass notification, and sends the detection pass notification to the deployment server;
  • the deployment server After receiving the notification of passing the detection, an installation agent instruction is sent to the deployment client based on the automated operation and maintenance tool;
  • the deployment client obtains the agent software package from the software package manager according to the installation agent instruction and installs the agent program ;
  • the deployment server Based on the automated operation and maintenance tool, the deployment server detects that the deployment client is successfully installed, and then sends a host name change command to the deployment client;
  • the deployment client sends the first host name change command to the deployment client according to the host change command
  • the host name is changed to a second host name, the first host name is the original host name of the deployment
  • the deployment server directly instructs the deployment client to install the agent program according to the local IP of the deployment client.
  • this application does not need to build a traditional publishing system, which can effectively reduce the deployment workload and preparation period, and improve deployment efficiency.
  • the deployment client detect that the local authentication configuration file is included according to the detection instruction, and the authentication file includes default statements.
  • the default statement is the default statement of the authentication configuration file
  • the business reliability of the deployed client can be effectively improved.
  • the embodiment of the present application provides an agent deployment device based on an automated operation and maintenance tool, which includes:
  • the processing module is used for installation-based automated operation and maintenance tools, and sends detection instructions to the deployment client through the sending module;
  • the processing module After the processing module receives the detection pass notification through the receiving module, based on the automated operation and maintenance tool, it sends an installation agent instruction to the deployment client through the sending module; the installation agent instruction is used to instruct the deployment client Get the agent package from the package manager and install the agent.
  • the embodiment of the present application also provides a computing device, including: a memory for storing programs; a processor for invoking the programs stored in the memory, and executing the obtained programs according to the first aspect and the second aspect. Aspects of the various possible designs are described in the method.
  • the embodiment of the present application also provides a computer-readable non-volatile storage medium, including a computer-readable program.
  • a computer-readable program When the computer reads and executes the computer-readable program, the computer executes the computer-readable program described in the first aspect and The method described in various possible designs of the second aspect.
  • FIG. 1 is a schematic diagram of the architecture of agent deployment based on automated operation and maintenance tools provided by the embodiment of the present application;
  • FIG. 2 is a schematic diagram of the architecture of agent deployment based on automated operation and maintenance tools provided by the embodiment of the present application;
  • FIG. 3 is a schematic flow diagram of an agent deployment method based on an automated operation and maintenance tool provided in an embodiment of the present application
  • FIG. 4 is a schematic flow diagram of an agent deployment method based on an automated operation and maintenance tool provided in an embodiment of the present application
  • FIG. 5 is a schematic diagram of an agent deployment device based on an automated operation and maintenance tool provided in an embodiment of the present application
  • FIG. 6 is a schematic diagram of an apparatus for deploying an agent based on an automated operation and maintenance tool according to an embodiment of the present application.
  • Fig. 1 is a system architecture of agent deployment based on automated operation and maintenance tools provided by the embodiment of the present application, wherein the deployment server is installed with automated operation and maintenance tools, and may also include information such as the IP address of each deployment client. For example, record the IP addresses of each deployment client through the IP address list. Then the deployment server can send detection instructions to the deployment client corresponding to the IP address based on the automated operation and maintenance tool. After the deployment client receives the detection instruction, it detects whether the deployment client can perform the agent deployment process according to the detection instruction. If the detection fails, the agent deployment process will not be executed, and an alarm can be generated to the staff; Detections are sent to the deployment server via notifications.
  • the deployment server is installed with automated operation and maintenance tools, and may also include information such as the IP address of each deployment client. For example, record the IP addresses of each deployment client through the IP address list. Then the deployment server can send detection instructions to the deployment client corresponding to the IP address based on the automated operation and maintenance tool. After the deployment client receives the detection instruction,
  • the deployment server After receiving the detection pass notification, the deployment server sends installation agent instructions to the deployment client based on the automated operation and maintenance tool, and sets a corresponding monitoring process for each deployment client to monitor the installation status of the deployment client in real time.
  • the deployment client After the deployment client receives the installation agent instruction, it downloads the agent software package from the package manager; if the installation of the agent program fails or is abnormal, the deployment server detects the installation failure or abnormal state, and sends an end message to the deployment client.
  • An installation instruction otherwise, after the deployment server monitors that the agent program is installed successfully, it sends a host name change instruction to the deployment client, and also sends an address addition instruction to the deployment client.
  • the deployment client changes the host name according to the host name change instruction, and after receiving the address addition instruction to add the domain name and IP address of the management server to the domain name file, the deployment client initiates authentication to the management server and completes the registration.
  • the deployment server determines that the registration status of the deployment client is the registration completed state, and then sends a test instruction, so that the deployment client tests whether the registration between the deployment client and the management server is successful.
  • After the deployment server obtains the registration result of the deployment client it restores the host name in the preset format of the deployment client to the original host name. What needs to be explained here is that no matter whether the registration result is successful or failed, the host name of the final deployment client must be restored to the original host name to ensure the normal operation of other services in the deployment client.
  • an automated operation and maintenance tool is provided in the deployment server, which can instruct the deployment client to execute the agent deployment process during the agent program installation process; compared with the need to build a publishing system in the prior art, this application There is no need to build a release system in advance, which can effectively reduce the agent deployment workload and preparation cycle, and improve deployment efficiency.
  • the embodiment of the present application also provides a system framework for agent deployment based on automated operation and maintenance tools, as shown in Figure 2, the automated operation and maintenance tool set by the deployment server is Ansiblee; the management server is provided with FreeIPA; the software package manager It is Yum (Yellow dog Updater, Modified, a front-end package manager), which contains the agent software package required for deploying the client; the deployment client includes the client of the FreeIPA system and the front-end of the Yum system, and the agent is SSSD Daemon.
  • the automated operation and maintenance tool set by the deployment server is Ansiblee
  • the management server is provided with FreeIPA
  • the software package manager It It is Yum (Yellow dog Updater, Modified, a front-end package manager), which contains the agent software package required for deploying the client
  • the deployment client includes the client of the FreeIPA system and the front-end of the Yum system, and the agent is SSSD Daemon.
  • the embodiment of the present application provides an agent deployment method process based on automated operation and maintenance tools, as shown in Figure 3, including:
  • Step 301 the deployment server sends detection instructions to the deployment client based on the installed automated operation and maintenance tool
  • the automated operation and maintenance tool included in the deployment server includes the IP addresses of each deployment client. For example, there is an IP address record or IP address list, and the automated operation and maintenance tool traverses the IP address record or IP address list.
  • a detection instruction is sent to each deployment client respectively; the detection instruction is used to instruct the deployment client to detect whether it has a deployment agent program and to register. For example, it can be used to instruct the deployment client to check whether its own configuration file contains relevant default statements; if the configuration file is generated by the kerberos protocol (computer network authorization protocol), the deployment client needs to use the kerberos protocol for authentication during the registration process.
  • the kerberos protocol computer network authorization protocol
  • the configuration file of the deployment client contains this For the first default statement, it is necessary to further determine whether the configuration file contains the second default statement kerberos.example.com; the second default statement is kerberos.example.com, which is used to determine whether the configuration file is the default , if the configuration file contains the second default statement, it can be determined that no other service is applying this configuration file; in this example, if the configuration file contains the first default statement but not the second default statement, then The configuration file representing the deployment client is applied by other services. If the agent deployment process continues, there is a high probability that other services will be abnormal. If the detection determines that the configuration file of the deployment client contains the first preset statement and the second If the default statement is used, it is determined that the test is passed.
  • the deployment server can execute cat /etc/krb5.conf
  • Step 302 after the deployment server receives the detection pass notification, it sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool; the installation agent instruction is used to instruct the deployment client to download from the software package manager Get the agent package and install the agent;
  • the package manager is Yum (full name Yellow dog Updater, Modified); then the deployment server uses Ansiblee's yum module to send installation agent instructions to the deployment client, so that the deployment client obtains from the management server Proxy package.
  • the deployment server can monitor the yum system in the deployment client and management server through Ansiblee. If the yum system is abnormal, it can be repaired directly. If it cannot be repaired, an alarm will be generated.
  • the agent software package can also contain other software packages, such as SUDO, a program for generating instructions. After the installation is completed, the agent program can update SUDO to new.
  • Step 303 the deployment server changes the first host name to a second host name based on the automated operation and maintenance tool, the first host name is the original host name of the deployment client, and the second host name is the hostname in the preset format;
  • the host name in the preset format can be the basic information for deploying the client, such as domain name, IP address, operator, etc., which can be set according to specific needs, and the specific setting method of the preset format is not limited here.
  • Step 304 the deployment server obtains the registration result of the deployment client on the management server based on the automated operation and maintenance tool
  • Step 305 the deployment server restores the second host name to the first host name based on the automated operation and maintenance tool.
  • the recovery mechanism of 'reverting the second host name to the first host name' can be set as a relief mechanism, that is, no matter whether the previous program execution succeeds or fails, or any abnormality occurs, etc., In the end, the host name in the preset format must be restored to the original host name to ensure the normal operation of other services in the deployed client.
  • the deployment server directly instructs the deployment client to install the agent program according to the local IP of the deployment client.
  • this application does not need to build a traditional publishing system, which can effectively reduce the deployment workload and preparation period, and improve deployment efficiency.
  • detecting the installation condition of the agent program on the deployment client can ensure the normal operation of the agent program on the deployment client.
  • the deployment server changes the original host name of the deployment client to a host name in a preset format, and restores the host name to the original host name after obtaining the registration result of the deployment client on the management server.
  • the host name of each deployment client in the management server is a host name in a preset format, and the preset format can be set as required, so that the management server can manage each deployment client.
  • restoring the host name to the original host name can also prevent other services from being abnormal due to the change of the host name when the original host name is applied to other services. That is, in the case of ensuring the normal operation of each service of the deployed client, the convenience of managing the deployed client is improved.
  • An embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool. After sending an installation agent instruction to the deployment client, it further includes: the deployment server monitors the deployment based on the automated operation and maintenance tool. The installation status of the client; if the installation is not successful within a preset period of time, an instruction to end the installation is sent to the deployment client based on the automated operation and maintenance tool.
  • the deployment client after the deployment client receives the installation agent instruction, it obtains and installs the agent software package from the management server based on the installation agent instruction; and the deployment server generates a corresponding monitoring process for each deployment client after sending the installation agent instruction , monitor the status of the deployment client installation agent program, if the deployment client does not complete the installation within the preset time, then send an end installation instruction, so that the deployment client ends the installation of the agent program and records the deployment client. In this way, it can be confirmed in time that the deployment client is in an abnormal state, and it can also prevent the deployment client from continuously trying to connect to the management server, causing the task to be stuck and wasting network resources.
  • Ansiblee After the deployment server Ansiblee sends the installation agent command, Ansiblee will run all the deployment client installation agent tasks at one time, and throw all the deployment client installation agent tasks to the background for execution.
  • Each installation agent task has one job_id, Ansiblee polls and detects the execution status of the installation agent task at regular intervals according to the job_id until it detects that the execution of the installation agent task ends. For example, if the installation agent task is up to 30 seconds, Ansiblee will wait for the installation agent task for up to 30 seconds, and check the execution result of the installation agent task every 5 seconds. If the installation is not successful after 30 seconds, then the The installation status of the deployment client installation agent is failure; the deployment server sends an instruction to end the installation to the deployment client, and can also record relevant abnormal conditions and generate an alarm.
  • An embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool, wherein the deployment server changes the first host name to a second host name based on the automated operation and maintenance tool, including: the deployment server Based on the automated operation and maintenance tool, after detecting that the deployment client is successfully installed, a host name change instruction is sent; the host name change instruction is used to instruct the deployment client to use the second host name as the host of the deployment client name;
  • the deployment server restores the second host name to the first host name based on the automated operation and maintenance tool, including:
  • the deployment server sends a host name restoration instruction to the deployment client based on the automated operation and maintenance tool; the host name restoration instruction is used to instruct the deployment client to update the first host name to the deployment client
  • the hostname of the client is a preset format. For example, IP address + domain name.
  • the deployment server After registration and other related processes between the management server and the deployment client are completed, the deployment server sends a host name restoration command to the deployment client to restore the first host name to the second host name. In this way, the change of the host name is prevented from causing abnormalities in other services that depend on the first host name.
  • Ansible generates a registration command and sends it to the deployment client.
  • the client runs the agent program ipa-client-install to start the registration process.
  • Ansible instructs the deployment client to change the original host name to the host name in the preset format through the host name change command: IP address + domain name, and calls ipa-client-install to obtain the second host name of the machine, and the second
  • the host name is sent to the management server as the identification of the deployment client in the management server.
  • ipa-client-install record the corresponding relationship between the first host name and the second host name, set a temporary second host name, and send the second host name to the management server.
  • An embodiment of the present application provides an address addition method. After sending the installation agent instruction to the deployment client, it further includes: the deployment server sends an address addition instruction to the deployment client based on the automated operation and maintenance tool. , the address addition instruction includes a search instruction, and the address addition instruction is used to instruct the deployment client to add the domain name file in the domain name file when it confirms that the domain name file does not contain the domain name and IP address of the management server according to the search instruction. Add the domain name and IP address of the management server to .
  • the deployment server sends an address addition command to the deployment client based on the automated operation and maintenance tool. After receiving the address and adding the command, the deployment client adds the domain name and IP address of the management server in the address addition command to the domain name.
  • the target location of the file In this way, it is prevented that other domain names and IPs are directly replaced in the domain name file, resulting in the loss of the configuration of the deployment client, which may cause abnormal situations in the deployment client.
  • the deployment client's dependence on the domain name server can be reduced.
  • the deployment server uses the linefile module of Ansiblee to implement the address addition of the domain name file /etc/hosts file in the deployment client; and the corresponding search command can be set in the address addition command, if the target location of the domain name file already contains For the IP address and domain name, there is no need to add the address repeatedly. In this way, even if the address adding action is executed multiple times, it will not result in unlimited addition of IP addresses and domain names in the domain name file.
  • An embodiment of the present application provides an authentication method. After sending an address addition instruction to the deployment client, it further includes: the deployment server sends a registration instruction to the deployment client based on the automated operation and maintenance tool, The registration instruction is used to instruct the deployment client to add the domain name and IP address of the management server to the authentication configuration file, and to authenticate the management server according to the authentication configuration file. That is to say, the deployment client adds the domain name and IP address of the management server in the domain name file to the authentication configuration file according to the registration instruction, so as to authenticate the management server according to the authentication configuration file. In this way, the reliability of authentication between the deployment client and the management server is guaranteed.
  • An embodiment of the present application provides a registration method, wherein the deployment server acquires the registration result of the deployment client on the management server based on the automated operation and maintenance tool, including: the deployment server obtains the registration result of the deployment client based on the automated operation and maintenance tool A tool for obtaining the registration completion status of the deployment client, and then sending a test instruction to the deployment client, where the test instruction is used to instruct the deployment client to test whether the registration with the management server is successful.
  • the deployment server sends a test command to the deployment client to test whether the deployment client is successfully registered; the deployment client can execute the id username command; if the management server can accurately receive the execution id username command of the deployment client , and return the information corresponding to the user name, it means that the registration is successful; if the deployment client confirms that the received information is empty and displays nosuch user information, it means that the registration has failed.
  • the embodiment of the present application provides a configuration change method, after sending the installation agent instruction to the deployment client, it further includes: the deployment server obtains the successful registration status of the deployment client based on the automated operation and maintenance tool, The deployment server sends a configuration change instruction to the deployment client based on the automated operation and maintenance tool, and the configuration change instruction is used to instruct the deployment client to add a configuration file at the target location of the agent program. That is to say, when the deployment server determines that the registration between the deployment client and the management server is successful, it can also change the configuration in the deployment client through a configuration change command, and the modification method is to add a configuration file to the target location of the agent. In this way, the integrity of the configuration in the deployment client can be ensured and the loss of configuration files can be prevented.
  • the embodiment of the present application provides an agent deployment method flow based on an automated operation and maintenance tool, as shown in FIG. 4 , including:
  • Step 401 the deployment server generates a detection instruction based on the installed automatic operation and maintenance tool, and sends the detection instruction to the deployment client.
  • Step 402 After receiving the detection instruction, the deployment client detects whether it meets the conditions for installing the agent, and if so, generates a detection notification and sends it to the deployment server; if it does not meet the conditions for installing the agent, the process ends.
  • Step 403 after receiving the detection pass notification, the deployment server generates an installation agent instruction based on the automated operation and maintenance tool.
  • Step 404 the deployment server generates a monitoring process for the deployment client; the detection frequency is set in the monitoring process, and the installation status of the deployment client agent is detected with the detection frequency, and if the installation of the deployment client agent fails, the installation is terminated program; and a preset time period is also set in the monitoring process, if within the preset time period, the deployment client has not yet completed the installation of the agent program, the installation program will end and an alarm will be generated.
  • Step 405 the deployment server sends the installation agent instruction to the deployment client.
  • Step 406 the deployment client generates an agent software package loading request according to the installation agent instruction, and sends it to the software package manager.
  • Step 407 After receiving the proxy software package loading request, the software package manager sends the proxy software package to the deployment client.
  • Step 408 the deployment client receives the agent software package, and installs the agent program.
  • Step 409 After the deployment server detects that the agent program of the deployment client is installed successfully, it generates a host name change instruction, and sends the host name change instruction to the deployment client.
  • Step 410 the deployment client changes the first host name to the second host name according to the host name change instruction, and records the correspondence between the first host name and the second host name.
  • Step 411 the deployment server generates an address addition instruction, and sends it to the deployment client.
  • Step 412 After receiving the address addition instruction, the deployment client appends the domain name and IP address of the management server to the target location of the domain name file according to the address addition instruction, wherein the address addition instruction may include a search instruction for finding whether the target location has Contains the domain name and IP address of the management server to prevent repeated additions and waste of network resources.
  • the address addition instruction may include a search instruction for finding whether the target location has Contains the domain name and IP address of the management server to prevent repeated additions and waste of network resources.
  • Step 413 the deployment server generates a registration instruction and sends it to the deployment client.
  • Step 414 After receiving the registration instruction, the deployment client adds the domain name and IP address of the management server to the authentication configuration file.
  • Step 415 the deployment client sends registration information including its own IP address and second host name to the management server according to the domain name and IP address of the management server.
  • Step 416 the management server receives and records the registration information sent by the deployment client.
  • Step 417 the deployment server sends a test command to the deployment client.
  • Step 418 After receiving the test instruction, the deployment client executes the ID user name instruction, and sends the ID user name instruction to the management server.
  • Step 419 the management server generates corresponding reply information according to the ID username command, and sends the reply information to the deployment client.
  • Step 420 if the reply information received by the deployment client is empty, then it is determined that the registration fails; if the received reply information is not empty, the registration is successful.
  • Step 421 the deployment server detects the registration result of the deployment client, and instructs the deployment client to restore the second hostname to the first hostname.
  • Step 422 the deployment server sends a configuration change instruction to the deployment client.
  • Step 423 the deployment client appends a configuration file to the target location of the agent program according to the configuration change instruction.
  • step 409 and step 410 can be performed before and after any step from step 411 to step 414; step 404 can be performed before step 405 or after step 405. Therefore, the above process steps are just an example, and do not limit the specific implementation of this solution.
  • FIG. includes:
  • the processing module 501 is used to send detection instructions to the deployment client through the sending module 502 based on the installed automated operation and maintenance tool;
  • the processing module 501 After the processing module 501 receives the detection pass notification through the receiving module 503, based on the automated operation and maintenance tool, it sends an installation agent instruction to the deployment client through the sending module 502; the installation agent instruction is used to instruct the The deployment client fetches the agent package from the package manager and installs the agent;
  • the processing module 501 changes the first host name to a second host name based on the automated operation and maintenance tool, the first host name is the original host name of the deployment client, and the second host name is preset format; the processing module 501 obtains the registration result of the deployment client in the management server based on the automated operation and maintenance tool; the processing module 501 obtains the second host based on the automated operation and maintenance tool name reverts to the first hostname.
  • the processing module 501 is further configured to: monitor the installation status of the deployment client based on the automated operation and maintenance tool; if the installation is not successful within a preset period of time, based on the automated operation and maintenance tool, through The sending module 502 sends an installation end instruction to the deployment client.
  • the processing module 501 is configured to: based on the automated operation and maintenance tool, after detecting that the deployment client is successfully installed, send a hostname change instruction through the sending module 502; the hostname change instruction is used to Instructing the deployment client to use the second host name as the host name of the deployment client; the second host name is a host name in a preset format; the processing module 501 is based on the automated operation and maintenance tool, through the The sending module 502 sends a hostname recovery instruction to the deployment client; the hostname recovery instruction is used to instruct the deployment client to update the first hostname to the hostname of the deployment client; the first hostname The original hostname for the deployment client.
  • the processing module 501 is further configured to: based on the automated operation and maintenance tool, send an address addition instruction to the deployment client through the sending module 502, the address addition instruction includes a search instruction, and the The address addition instruction is used to instruct the deployment client to add the domain name and IP address of the management server to the domain name file when confirming that the domain name file does not contain the domain name and IP address of the management server according to the search instruction.
  • the processing module 501 is further configured to: based on the automated operation and maintenance tool, send a registration instruction to the deployment client through the sending module 502, the registration instruction is used to instruct the deployment client to
  • the domain name and IP address of the management server are added to the authentication configuration file, and the management server is authenticated according to the authentication configuration file.
  • the processing module 501 is further configured to: obtain the registration completion status of the deployment client based on the automated operation and maintenance tool, and send a test instruction to the deployment client through the sending module 502, the The test instruction is used to instruct the deployment client to test whether the registration on the management server is successful.
  • the processing module 501 is further configured to: obtain the successful registration status of the deployment client based on the automated operation and maintenance tool, and the processing module 501 uses the sending module 502 based on the automated operation and maintenance tool Sending a configuration change instruction to the deployment client, where the configuration change instruction is used to instruct the deployment client to add a configuration file at the target location of the agent program.
  • an embodiment of the present application provides a device for deploying an agent based on an automated operation and maintenance tool.
  • FIG. including: the processing module 601 is used for the installation-based automated operation and maintenance tool, and sends a detection instruction to the deployment client through the sending module 602; the processing module 601 detects that the local authentication configuration file is included according to the detection instruction, and the authentication The right configuration file contains preset sentences, generates a notification of passing the detection, and sends the notification of passing the detection to the deployment server through the sending module 602; after receiving the notification of passing the detection through the receiving module 603, the sending Module 602 sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool; the processing module 601 obtains an agent software package from the software package manager according to the installation agent instruction and installs an agent program; the processing module 601 Based on the automated operation and maintenance tool, after detecting that the deployment client is successfully installed, the sending module 602 sends a host name change command to the deployment client; the processing module 601 sends the
  • the host name is changed to a second host name, the first host name is the original host name of the deployment client, and the second host name is a host name in a preset format;
  • the processing module 601 registers with the management server, And obtain the registration result;
  • the processing module 601 obtains the registration result of the deployment client on the management server based on the automatic operation and maintenance tool, and restores the second host name to the first host name.
  • the embodiments of the present application may be provided as methods, systems, or computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions
  • the device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.

Abstract

Embodiments of the present application provide an automated operation and maintenance tool-based proxy deployment method and apparatus. The method comprises: a deployment server sends a detection instruction to a deployment client on the basis of an installed automated operation and maintenance tool; the deployment server receives a notification that detection is successful, and then sends an installation proxy instruction to the deployment client on the basis of the automated operation and maintenance tool, wherein the installation proxy instruction is used to instruct the deployment client to obtain a proxy software package from a software package manager and install a proxy program; the deployment server changes an original host name of the deployment client to a host name of a preset format on the basis of the automated operation and maintenance tool; the deployment server obtains a registration result of the deployment client in a management server on the basis of the automated operation and maintenance tool; and the deployment server restores the host name to the original host name on the basis of the automated operation and maintenance tool. The described method may effectively reduce the deployment workload and preparation period and increase deployment efficiency on the premise of increasing the simplicity of client management.

Description

一种基于自动化运维工具的代理部署方法及装置A method and device for agent deployment based on automated operation and maintenance tools
相关申请的交叉引用Cross References to Related Applications
本申请要求在2021年06月22日提交中国专利局、申请号为202110691764.X、申请名称为“一种基于自动化运维工具的代理部署方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application submitted to the China Patent Office on June 22, 2021, with the application number 202110691764.X and the application name "A method and device for agent deployment based on automated operation and maintenance tools", all of which The contents are incorporated by reference in this application.
技术领域technical field
本申请涉及金融科技(Fintech)的网络技术领域,尤其涉及一种基于自动化运维工具的代理部署方法及装置。The present application relates to the network technology field of financial technology (Fintech), in particular to an agent deployment method and device based on automated operation and maintenance tools.
背景技术Background technique
近年来,随着计算机技术的发展,越来越多的技术应用在金融领域,传统金融业正在逐步向金融科技(Fintech)转变,但由于金融行业的安全性、实时性要求,也对技术提出更高的要求。如,目前在金融行业的各公司企业级应用的网络管理系统中,通常包括完整的企业级的安全信息管理系统,以确保用户信息,以及系统通信的私密性。常用的安全信息管理系统,如,FreeIPA。In recent years, with the development of computer technology, more and more technologies are applied in the financial field, and the traditional financial industry is gradually transforming into Fintech. However, due to the security and real-time requirements of the financial industry, there are also requirements higher requirement. For example, the current enterprise-level network management systems of various companies in the financial industry usually include a complete enterprise-level security information management system to ensure the privacy of user information and system communications. Commonly used security information management systems, such as FreeIPA.
FreeIPA是一款集成的安全信息管理解决方案。FreeIPA包含Linux(Fedora)、389Directory Server(轻量级目录访问)、MIT Kerberos(域名认证的核心)、NTP(Network Time Protocol,网络时间协议)、DNS(Domain Name System,域名系统)、Dogtag(Certificate System)(一款认证系统,提供强大的安全框架来确保用户的身份以及通讯的私密性)等等身份认证和策略功能。在freeIPA系统下,需在每台机器上安装freeIPA客户端,同时将本机注册到freeIPA服务器,以实现安全信息管理。FreeIPA is an integrated security information management solution. FreeIPA includes Linux (Fedora), 389Directory Server (lightweight directory access), MIT Kerberos (the core of domain name authentication), NTP (Network Time Protocol, Network Time Protocol), DNS (Domain Name System, Domain Name System), Dogtag (Certificate System) (an authentication system that provides a strong security framework to ensure the identity of users and the privacy of communications) and other identity authentication and policy functions. Under the freeIPA system, you need to install the freeIPA client on each machine, and register the machine with the freeIPA server to realize security information management.
现有技术中,通常采用传统的C/S架构发布系统部署freeIPA客户端(sssd守护进程),这种方式需要在发布服务端和发布客户端部署发布系统,来实现sssd守护进程的部署,部署工作量大、准备周期长、效率低。In the prior art, the traditional C/S architecture release system is usually used to deploy the freeIPA client (sssd daemon process). This method needs to deploy the release system on the release server and the release client to realize the deployment of the sssd daemon process. The workload is heavy, the preparation period is long, and the efficiency is low.
因此,现在亟需一种基于自动化运维工具的代理部署方法及装置,能够降低部署工作量以及准备周期,且提高部署效率。Therefore, there is an urgent need for an agent deployment method and device based on automated operation and maintenance tools, which can reduce deployment workload and preparation period, and improve deployment efficiency.
发明内容Contents of the invention
本申请实施例提供一种基于自动化运维工具的代理部署方法及装置,能够降低部署工作量以及准备周期,且提高部署效率。Embodiments of the present application provide an agent deployment method and device based on an automated operation and maintenance tool, which can reduce deployment workload and preparation period, and improve deployment efficiency.
第一方面,本申请实施例提供一种基于自动化运维工具的代理部署方法,该方法包括:In the first aspect, the embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool, the method including:
部署服务端基于安装的自动化运维工具,向部署客户端发送检测指令;所述部署服务端接收检测通过通知后,基于所述自动化运维工具向所述部署客户端发送安装代理指令;所述安装代理指令用于指示所述部署客户端从软件包管理器获取代理软件包并安装代理程序;所述部署服务端基于所述自动化运维工具,将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名;所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果;所述部署服务端基于所述自动化运维工具,将所述第二主机名恢复为所述第一主机名。The deployment server sends a detection instruction to the deployment client based on the installed automated operation and maintenance tool; the deployment server sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool after receiving the detection passing notification; The installation agent instruction is used to instruct the deployment client to obtain the agent software package from the software package manager and install the agent program; the deployment server changes the first host name to the second host name based on the automated operation and maintenance tool, The first host name is the original host name of the deployment client, and the second host name is a host name in a preset format; A registration result of the management server; the deployment server restores the second host name to the first host name based on the automated operation and maintenance tool.
上述方法中,通过将自动化运维工具安装在部署服务端中,使得部署服务端根据本地的部署客户端IP,直接指示部署客户端安装代理程序。相比于现有技术中需要搭建发布系统架构来说,本申请无需搭建传统的发布系统,可以有效的降低部署工作量以及准备周期,且提高部署效率。且在安装代理程序之前,检测部署客户端的代理程序安装条件,可以保证代理程序在部署客户端中正常运行。部署服务端将部署客户端的原主机名变更为预设格式的主机名,并在获取部署客户端在管理服务器的注册结果后,将主机名恢复为原主机名。如此,使得管理服务器中的各部署客户端的主机名均为预设格式的主机名,预设格式可以根据需要设置,便于管理服务器对各部署客户端进行管理。后续在注册完成后,将主机名恢复为原主机名,还可以防止发生其 他服务应用原主机名时,由于主机名的变更导致其他服务异常的情况。即,在保证部署客户端的各服务正常运行的情况下,提高管理部署客户端的简便性。In the above method, by installing the automated operation and maintenance tool in the deployment server, the deployment server directly instructs the deployment client to install the agent program according to the local IP of the deployment client. Compared with the need to build a publishing system architecture in the prior art, this application does not need to build a traditional publishing system, which can effectively reduce the deployment workload and preparation period, and improve deployment efficiency. And before installing the agent program, detecting the installation condition of the agent program on the deployment client can ensure the normal operation of the agent program on the deployment client. The deployment server changes the original host name of the deployment client to a host name in a preset format, and restores the host name to the original host name after obtaining the registration result of the deployment client on the management server. In this way, the host name of each deployment client in the management server is a host name in a preset format, and the preset format can be set as required, so that the management server can manage each deployment client. After the registration is completed, restoring the host name to the original host name can also prevent other services from being abnormal due to the change of the host name when the original host name is applied to other services. That is, in the case of ensuring the normal operation of each service of the deployed client, the convenience of managing the deployed client is improved.
可选的,向所述部署客户端发送安装代理指令之后,还包括:Optionally, after sending the installation agent instruction to the deployment client, it also includes:
所述部署服务端基于所述自动化运维工具,监测所述部署客户端的安装状态;若在预设时段内未安装成功,则基于所述自动化运维工具向所述部署客户端发送结束安装指令。The deployment server monitors the installation status of the deployment client based on the automated operation and maintenance tool; if the installation is not successful within a preset period of time, an end installation instruction is sent to the deployment client based on the automated operation and maintenance tool .
上述方法中,部署服务端中的自动化运维工具针对每个部署客户端设置有监控进程,监控该客户端的代理程序包加载进程,若确定部署客户端在预设时间段内未接收到所述软件包管理器发送的所述代理软件包;部署服务端会发送结束安装指令,以结束安装所述代理程序。如此,防止部署客户端不断尝试与软件包管理器连接,获取代理软件包,导致资源浪费。In the above method, the automated operation and maintenance tool in the deployment server sets a monitoring process for each deployment client to monitor the loading process of the agent package of the client. If it is determined that the deployment client does not receive the described The agent software package sent by the software package manager; the deployment server will send an end installation instruction to end the installation of the agent program. In this way, the deployment client is prevented from continuously trying to connect to the package manager to obtain the agent package, which leads to waste of resources.
可选的,所述部署服务端基于所述自动化运维工具,将第一主机名变更为第二主机名之后,包括:所述部署服务端基于所述自动化运维工具,检测所述部署客户端安装成功后,发送主机名变更指令;所述主机名变更指令用于指示所述部署客户端将第二主机名作为所述部署客户端的主机名;Optionally, after the deployment server changes the first hostname to the second hostname based on the automated operation and maintenance tool, it includes: the deployment server detects that the deployment client is based on the automated operation and maintenance tool After the terminal is successfully installed, send a host name change instruction; the host name change instruction is used to instruct the deployment client to use the second host name as the host name of the deployment client;
所述部署服务端基于所述自动化运维工具,将所述第二主机名恢复为所述第一主机名,包括:The deployment server restores the second host name to the first host name based on the automated operation and maintenance tool, including:
所述部署服务端基于所述自动化运维工具,向所述部署客户端发送主机名恢复指令;所述主机名恢复指令用于指示所述部署客户端将第一主机名更新为所述部署客户端的主机名。The deployment server sends a host name restoration instruction to the deployment client based on the automated operation and maintenance tool; the host name restoration instruction is used to instruct the deployment client to update the first host name to the deployment client The hostname of the client.
上述方法中,将不符合预设格式的第一主机名修改为符合预设格式的第二主机名。如,将使用没有意义的字符串作为主机名的第一主机名修改为符合二级域名规则的第二主机名。如此,使得部署客户端可以通过第二主机名与管理服务器通信,进行注册管理等。部署客户端与管理服务器通信完成后,部署服务端向部署客户端发送主机名恢复指令,使得其他服务通过第一主机名与客户端通信,防止发生不恢复回第一主机名而导致的其它服务无法正常 运行的情况,保证部署客户端提供服务的可靠性。In the above method, the first host name that does not conform to the preset format is changed to the second host name that conforms to the preset format. For example, change the first host name that uses a meaningless character string as the host name to the second host name that complies with the rules of the second-level domain name. In this way, the deployment client can communicate with the management server through the second host name to perform registration management and the like. After the communication between the deployment client and the management server is completed, the deployment server sends the host name recovery command to the deployment client, so that other services communicate with the client through the first host name, preventing other services from failing to restore the first host name. In case of failure to operate normally, ensure the reliability of services provided by the deployment client.
可选的,向所述部署客户端发送安装代理指令之后,还包括:Optionally, after sending the installation agent instruction to the deployment client, it also includes:
所述部署服务端基于所述自动化运维工具,向所述部署客户端发送地址追加指令,所述地址追加指令中包含查找指令,所述地址追加指令用于指示所述部署客户端在根据所述查找指令确认域名文件中不包含所述管理服务器的域名和IP地址时,在域名文件中追加所述管理服务器的域名和IP地址。The deployment server sends an address addition instruction to the deployment client based on the automated operation and maintenance tool, the address addition instruction includes a search instruction, and the address addition instruction is used to instruct the deployment client When the above search command confirms that the domain name and IP address of the management server are not included in the domain name file, the domain name and IP address of the management server are added to the domain name file.
上述方法中,部署服务端向部署客户端发送地址追加指令,以在部署客户端的域名文件中追加管理服务器的域名和IP地址。相比于现有技术中直接替换部署客户端中的域名文件,以实现域名文件中包含管理服务器的域名和IP地址来说;本申请通过追加管理服务器的域名和IP地址,防止部署客户端中原来的域名文件丢失,导致依赖原来的域名文件的服务发生异常;且代理程序可以根据地址追加指令中的查找指令查看当前域名文件,若包含管理服务器的域名和IP地址,则可以无需追加,防止发生若域名文件的目标位置已经包含管理服务器的IP地址和域名,仍然进行追加导致的目标位置地址重复的情况,简化域名文件追加流程。In the above method, the deployment server sends an address addition instruction to the deployment client to add the domain name and IP address of the management server to the domain name file of the deployment client. Compared with the prior art that directly replaces the domain name file in the deployment client to realize that the domain name file contains the domain name and IP address of the management server; this application prevents the domain name and IP address of the management server from being deployed in the client. The original domain name file is lost, resulting in abnormalities in services that rely on the original domain name file; and the agent program can check the current domain name file according to the search command in the address addition command. If it contains the domain name and IP address of the management server, it does not need to be appended to prevent If the target location of the domain name file already contains the IP address and domain name of the management server, the address of the target location is duplicated due to the addition, and the process of adding the domain name file is simplified.
可选的,向所述部署客户端发送地址追加指令之后,还包括:所述部署服务端基于所述自动化运维工具,向所述部署客户端发送注册指令,所述注册指令用于指示所述部署客户端将所述管理服务器的域名和IP地址添加到鉴权配置文件,并根据所述鉴权配置文件对所述管理服务器进行鉴权。Optionally, after sending the address addition instruction to the deployment client, it further includes: the deployment server sends a registration instruction to the deployment client based on the automated operation and maintenance tool, and the registration instruction is used to indicate the The deployment client adds the domain name and IP address of the management server to the authentication configuration file, and authenticates the management server according to the authentication configuration file.
上述方法中,将域名文件中的管理服务器的域名和IP地址添加到鉴权配置文件,使得部署客户端可以根据鉴权配置文件中的管理服务器的域名和IP地址与管理服务器进行鉴权,保证鉴权的可靠性。In the above method, the domain name and IP address of the management server in the domain name file are added to the authentication configuration file, so that the deployment client can perform authentication with the management server according to the domain name and IP address of the management server in the authentication configuration file, ensuring Authentication reliability.
可选的,所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果之后,还包括:所述部署服务端基于所述自动化运维工具,获取所述部署客户端注册完成状态,则向所述部署客户端发送测试指令,所述测试指令用于指示所述部署客户端测试在所述管理服务器是否注册成功。Optionally, after obtaining the registration result of the deployment client on the management server based on the automated operation and maintenance tool, the deployment server further includes: the deployment server obtains the If the registration of the deployment client is completed, a test instruction is sent to the deployment client, and the test instruction is used to instruct the deployment client to test whether the registration with the management server is successful.
上述方法中,部署服务端基于自动化运维工具获取部署客户端注册完成状态。若注册完成,则向部署客户端发送测试指令,使得部署客户端测试该部署客户端在管理服务器的注册是否成功。若不成功,可以重新发起代理部署流程,或者,发起注册失败告警,由工作人员进行相应处理。保证部署客户端在管理服务器注册的可靠性。In the above method, the deployment server acquires the registration completion status of the deployment client based on the automated operation and maintenance tool. If the registration is completed, a test instruction is sent to the deployment client, so that the deployment client tests whether the registration of the deployment client in the management server is successful. If it fails, you can re-initiate the agent deployment process, or initiate a registration failure alarm, and the staff will handle it accordingly. Ensure the reliability of the deployment client registration on the management server.
可选的,向所述部署客户端发送安装代理指令之后,还包括:所述部署服务端基于所述自动化运维工具,获取所述部署客户端注册成功状态,所述部署服务端基于所述自动化运维工具,向所述部署客户端发送配置更改指令,所述配置更改指令用于指示所述部署客户端在所述代理程序的目标位置追加配置文件。Optionally, after sending the installation agent instruction to the deployment client, it further includes: the deployment server obtains the successful registration status of the deployment client based on the automated operation and maintenance tool, and the deployment server obtains the registration success status based on the deployment server The automated operation and maintenance tool sends a configuration change instruction to the deployment client, where the configuration change instruction is used to instruct the deployment client to add a configuration file to the target location of the agent program.
上述方法中,在部署客户端注册成功后,部署服务端基于自动化运维工具还可以向部署客户端发送配置更改指令,使得部署客户端在代理程序的目标位置追加配置文件。相比于现有技术中直接在代理程序中,将对应的配置文件覆盖,而导致原配置文件丢失,影响基于原配置文件实现相应功能的模块出现异常。本申请可以保证部署客户端运行的可靠性。In the above method, after the registration of the deployment client is successful, the deployment server can also send a configuration change instruction to the deployment client based on the automatic operation and maintenance tool, so that the deployment client can add a configuration file to the target location of the agent program. Compared with the prior art, the corresponding configuration file is overwritten directly in the agent program, resulting in the loss of the original configuration file, which affects the abnormality of modules that implement corresponding functions based on the original configuration file. This application can guarantee the reliability of the operation of the deployment client.
第二方面,本申请实施例提供一种基于自动化运维工具的代理部署方法,该方法包括:部署服务端基于安装的自动化运维工具,向部署客户端发送检测指令;所述部署客户端根据所述检测指令检测到本地包含鉴权配置文件,且所述鉴权文件中包含预设语句,生成检测通过通知,并将所述检测通过通知发送至所述部署服务端;所述部署服务端接收所述检测通过通知后,基于所述自动化运维工具向所述部署客户端发送安装代理指令;所述部署客户端根据所述安装代理指令从软件包管理器获取代理软件包并安装代理程序;所述部署服务端基于所述自动化运维工具,检测所述部署客户端安装成功后,发送主机名变更指令至所述部署客户端;所述部署客户端根据所述主机变更指令将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名;所述部署客户端在管理服务器进行注册,并获取注册结果;所述部署服务端基于所述自动化运维工具, 获取所述部署客户端在管理服务器的注册结果,将所述第二主机名恢复为所述第一主机名。In the second aspect, the embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool. The method includes: deploying the automated operation and maintenance tool installed on the server side, and sending a detection instruction to the deployment client; The detection instruction detects that the authentication configuration file is included locally, and the authentication file contains a preset sentence, generates a detection pass notification, and sends the detection pass notification to the deployment server; the deployment server After receiving the notification of passing the detection, an installation agent instruction is sent to the deployment client based on the automated operation and maintenance tool; the deployment client obtains the agent software package from the software package manager according to the installation agent instruction and installs the agent program ; Based on the automated operation and maintenance tool, the deployment server detects that the deployment client is successfully installed, and then sends a host name change command to the deployment client; the deployment client sends the first host name change command to the deployment client according to the host change command The host name is changed to a second host name, the first host name is the original host name of the deployment client, and the second host name is a host name in a preset format; the deployment client registers with the management server, And obtain the registration result; the deployment server obtains the registration result of the deployment client on the management server based on the automatic operation and maintenance tool, and restores the second host name to the first host name.
上述方法中,通过将自动化运维工具安装在部署服务端中,使得部署服务端根据本地的部署客户端IP,直接指示部署客户端安装代理程序。相比于现有技术中需要搭建发布系统架构来说,本申请无需搭建传统的发布系统,可以有效的降低部署工作量以及准备周期,且提高部署效率。且在安装代理程序之前,令部署客户端根据检测指令检测到本地包含鉴权配置文件,且鉴权文件中包含预设语句。如此,若预设语句为鉴权配置文件的默认语句,可以认为没有其他服务使用该鉴权配置文件,则可以使用该鉴权配置文件;否则,鉴权配置文件正在被其它服务应用,若仍然进行代理部署流程,则会导致其它服务异常,通过该检测步骤,有效提升部署客户端的业务可靠性。代理程序安装成功后,将部署客户端的原主机名变更为预设格式主机名,如,域名加IP地址等等形式,使得管理服务器中注册的部署客户端的信息可视性好,便于管理。获取注册结果后,将部署客户端的预设格式主机名恢复为原主机名。如此,使得其他通过原主机名运行的服务,仍然可以正常运行,保证部署客户端的业务运行可靠性。In the above method, by installing the automated operation and maintenance tool in the deployment server, the deployment server directly instructs the deployment client to install the agent program according to the local IP of the deployment client. Compared with the need to build a publishing system architecture in the prior art, this application does not need to build a traditional publishing system, which can effectively reduce the deployment workload and preparation period, and improve deployment efficiency. And before installing the agent program, let the deployment client detect that the local authentication configuration file is included according to the detection instruction, and the authentication file includes default statements. In this way, if the default statement is the default statement of the authentication configuration file, it can be considered that no other service uses the authentication configuration file, and the authentication configuration file can be used; otherwise, the authentication configuration file is being applied by other services, if still Performing the agent deployment process will cause other services to be abnormal. Through this detection step, the business reliability of the deployed client can be effectively improved. After the agent program is successfully installed, change the original host name of the deployment client to a host name in a preset format, such as domain name plus IP address, etc., so that the information of the deployment client registered in the management server is visible and easy to manage. After obtaining the registration result, restore the hostname in the preset format of the deployed client to the original hostname. In this way, other services running through the original host name can still run normally, ensuring the reliability of the business operation of the deployed client.
第三方面,本申请实施例提供一种基于自动化运维工具的代理部署装置,该装置包括:In the third aspect, the embodiment of the present application provides an agent deployment device based on an automated operation and maintenance tool, which includes:
处理模块用于基于安装的自动化运维工具,通过发送模块向部署客户端发送检测指令;The processing module is used for installation-based automated operation and maintenance tools, and sends detection instructions to the deployment client through the sending module;
所述处理模块通过接收模块接收检测通过通知后,基于所述自动化运维工具,通过所述发送模块向所述部署客户端发送安装代理指令;所述安装代理指令用于指示所述部署客户端从软件包管理器获取代理软件包并安装代理程序。After the processing module receives the detection pass notification through the receiving module, based on the automated operation and maintenance tool, it sends an installation agent instruction to the deployment client through the sending module; the installation agent instruction is used to instruct the deployment client Get the agent package from the package manager and install the agent.
第四方面,本申请实施例还提供一种计算设备,包括:存储器,用于存储程序;处理器,用于调用所述存储器中存储的程序,按照获得的程序执行如第一方面和第二方面的各种可能的设计中所述的方法。In the fourth aspect, the embodiment of the present application also provides a computing device, including: a memory for storing programs; a processor for invoking the programs stored in the memory, and executing the obtained programs according to the first aspect and the second aspect. Aspects of the various possible designs are described in the method.
第五方面,本申请实施例还提供一种计算机可读非易失性存储介质,包括计算机可读程序,当计算机读取并执行所述计算机可读程序时,使得计算机执行如第一方面和第二方面的各种可能的设计中所述的方法。In the fifth aspect, the embodiment of the present application also provides a computer-readable non-volatile storage medium, including a computer-readable program. When the computer reads and executes the computer-readable program, the computer executes the computer-readable program described in the first aspect and The method described in various possible designs of the second aspect.
本申请的这些实现方式或其他实现方式在以下实施例的描述中会更加简明易懂。These implementation manners or other implementation manners of the present application will be more concise and understandable in the description of the following embodiments.
附图说明Description of drawings
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application, the following will briefly introduce the drawings that need to be used in the description of the embodiments. Obviously, the drawings in the following description are only some embodiments of the present application. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without any creative effort.
图1为本申请实施例提供的一种基于自动化运维工具的代理部署的架构示意图;FIG. 1 is a schematic diagram of the architecture of agent deployment based on automated operation and maintenance tools provided by the embodiment of the present application;
图2为本申请实施例提供的一种基于自动化运维工具的代理部署的架构示意图;FIG. 2 is a schematic diagram of the architecture of agent deployment based on automated operation and maintenance tools provided by the embodiment of the present application;
图3为本申请实施例提供的一种基于自动化运维工具的代理部署方法的流程示意图;FIG. 3 is a schematic flow diagram of an agent deployment method based on an automated operation and maintenance tool provided in an embodiment of the present application;
图4为本申请实施例提供的一种基于自动化运维工具的代理部署方法的流程示意图;FIG. 4 is a schematic flow diagram of an agent deployment method based on an automated operation and maintenance tool provided in an embodiment of the present application;
图5为本申请实施例提供的一种基于自动化运维工具的代理部署的装置示意图;FIG. 5 is a schematic diagram of an agent deployment device based on an automated operation and maintenance tool provided in an embodiment of the present application;
图6为本申请实施例提供的一种基于自动化运维工具的代理部署的装置示意图。FIG. 6 is a schematic diagram of an apparatus for deploying an agent based on an automated operation and maintenance tool according to an embodiment of the present application.
具体实施方式detailed description
为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述,显然,所描述的实施例仅仅是本申请一部分实施 例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本申请保护的范围。In order to make the purpose, technical solution and advantages of the application clearer, the application will be further described in detail below in conjunction with the accompanying drawings. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.
图1为本申请实施例提供的一种基于自动化运维工具的代理部署理的系统架构,其中,部署服务端中安装有自动化运维工具,还可以包含各个部署客户端的IP地址等信息。如,通过IP地址列表记录各个部署客户端的IP地址。则部署服务端可以基于自动化运维工具向对应IP地址的部署客户端发送检测指令。部署客户端接收到该检测指令后,根据该检测指令检测部署客户端是否可以进行代理部署流程,若检测不通过,则不执行代理部署流程,可以向工作人员产生告警;若检测通过,则将检测通过通知发送至部署服务端。部署服务端接收检测通过通知后,基于该自动化运维工具向该部署客户端发送安装代理指令,并针对每个部署客户端设置相应的监测进程,实时监测部署客户端的安装状态。部署客户端接收到安装代理指令后,从软件包管理器中下载代理软件包;若代理程序安装失败或异常,则部署服务端监测到该安装失败或异常的状态后,向部署客户端发送结束安装指令;否则,部署服务端监测到该代理程序安装成功状态后,向部署客户端发送主机名变更指令,还向部署客户端发送地址追加指令。部署客户端根据主机名变更指令变更主机名,且在接收到地址追加指令将管理服务器的域名和IP地址在域名文件中追加后,部署客户端向管理服务器发起鉴权,并完成注册。部署服务端确定部署客户端的注册状态为注册完成状态,则发送测试指令,使得部署客户端测试部署客户端与管理服务器之间的注册是否注册成功。部署服务端获取部署客户端的注册结果后,将该部署客户端的预设格式主机名恢复回原主机名。这里需要说明的是,无论注册结果成功或者失败,最后部署客户端的主机名都要恢复回原主机名,以保证部署客户端中其它服务的正常运行。如此,即可以保证管理服务器中的部署客户端的信息可视性高,便于管理,还可以保证部署客户端的各服务正常运行,提高业务可靠性。上述系统架构中,在部署服务端中设置有自动化运维工具,可以在代理程序安装流程中,指示部署 客户端执行代理部署流程;相比于现有技术中需要搭建发布系统来说,本申请无需提前搭建发布系统,可以有效的降低代理部署工作量以及准备周期,且提高部署效率。Fig. 1 is a system architecture of agent deployment based on automated operation and maintenance tools provided by the embodiment of the present application, wherein the deployment server is installed with automated operation and maintenance tools, and may also include information such as the IP address of each deployment client. For example, record the IP addresses of each deployment client through the IP address list. Then the deployment server can send detection instructions to the deployment client corresponding to the IP address based on the automated operation and maintenance tool. After the deployment client receives the detection instruction, it detects whether the deployment client can perform the agent deployment process according to the detection instruction. If the detection fails, the agent deployment process will not be executed, and an alarm can be generated to the staff; Detections are sent to the deployment server via notifications. After receiving the detection pass notification, the deployment server sends installation agent instructions to the deployment client based on the automated operation and maintenance tool, and sets a corresponding monitoring process for each deployment client to monitor the installation status of the deployment client in real time. After the deployment client receives the installation agent instruction, it downloads the agent software package from the package manager; if the installation of the agent program fails or is abnormal, the deployment server detects the installation failure or abnormal state, and sends an end message to the deployment client. An installation instruction; otherwise, after the deployment server monitors that the agent program is installed successfully, it sends a host name change instruction to the deployment client, and also sends an address addition instruction to the deployment client. The deployment client changes the host name according to the host name change instruction, and after receiving the address addition instruction to add the domain name and IP address of the management server to the domain name file, the deployment client initiates authentication to the management server and completes the registration. The deployment server determines that the registration status of the deployment client is the registration completed state, and then sends a test instruction, so that the deployment client tests whether the registration between the deployment client and the management server is successful. After the deployment server obtains the registration result of the deployment client, it restores the host name in the preset format of the deployment client to the original host name. What needs to be explained here is that no matter whether the registration result is successful or failed, the host name of the final deployment client must be restored to the original host name to ensure the normal operation of other services in the deployment client. In this way, it can ensure that the information of the deployment client in the management server is highly visible and easy to manage, and can also ensure the normal operation of various services of the deployment client, thereby improving service reliability. In the above system architecture, an automated operation and maintenance tool is provided in the deployment server, which can instruct the deployment client to execute the agent deployment process during the agent program installation process; compared with the need to build a publishing system in the prior art, this application There is no need to build a release system in advance, which can effectively reduce the agent deployment workload and preparation cycle, and improve deployment efficiency.
本申请实施例还提供了一种基于自动化运维工具的代理部署的系统架构,如图2所示,部署服务端设置的自动化运维工具为Ansiblee;管理服务器中设置有FreeIPA;软件包管理器为Yum(Yellow dog Updater,Modified,一个前端软件包管理器),其中包含部署客户端所需的代理软件包;则部署客户端中包含FreeIPA系统的客户端和Yum系统的前端,代理程序为SSSD守护进程。The embodiment of the present application also provides a system framework for agent deployment based on automated operation and maintenance tools, as shown in Figure 2, the automated operation and maintenance tool set by the deployment server is Ansiblee; the management server is provided with FreeIPA; the software package manager It is Yum (Yellow dog Updater, Modified, a front-end package manager), which contains the agent software package required for deploying the client; the deployment client includes the client of the FreeIPA system and the front-end of the Yum system, and the agent is SSSD Daemon.
基于上述系统架构,本申请实施例提供了一种基于自动化运维工具的代理部署方法流程,如图3所示,包括:Based on the above system architecture, the embodiment of the present application provides an agent deployment method process based on automated operation and maintenance tools, as shown in Figure 3, including:
步骤301、部署服务端基于安装的自动化运维工具,向部署客户端发送检测指令; Step 301, the deployment server sends detection instructions to the deployment client based on the installed automated operation and maintenance tool;
此处,在一种示例中,部署服务端中包含的自动化运维工具中包含各部署客户端的IP地址。如,有个IP地址记录或IP地址列表,自动化运维工具遍历IP地址记录或IP地址列表。分别向各部署客户端发送检测指令;检测指令用于指示部署客户端检测自身是否具有部署代理程序并注册的条件。如,可以用于指示部署客户端检测自身配置文件中是否包含相关预设语句;若配置文件为kerberos协议(计算机网络授权协议)生成的,由于部署客户端在注册流程中需要使用kerberos协议做鉴权,需配置/etc/krb5.conf;因此,为了保证注册流程的可靠执行,则需要检测确定部署客户端具有第一预设语句/etc/krb5.conf;若部署客户端的配置文件中包含该第一预设语句,还需要进一步确定该配置文件中是否包含第二预设语句kerberos.example.com;该第二预设语句为kerberos.example.com,用于确定该配置文件是否为默认的,若配置文件中包含该第二预设语句,则可以确定没有其他服务在应用这个配置文件;在本示例中,若配置文件中包含第一预设语句而不包含第二预设语句,则代表部署客户端的该配置文件被其它服务应用,若继续执行代理部署流程,则大概率会导致其它服务的异常,若检测确定部署客户端的配置文件中即包含 第一预设语句,又包含第二预设语句,则确定检测通过。Here, in an example, the automated operation and maintenance tool included in the deployment server includes the IP addresses of each deployment client. For example, there is an IP address record or IP address list, and the automated operation and maintenance tool traverses the IP address record or IP address list. A detection instruction is sent to each deployment client respectively; the detection instruction is used to instruct the deployment client to detect whether it has a deployment agent program and to register. For example, it can be used to instruct the deployment client to check whether its own configuration file contains relevant default statements; if the configuration file is generated by the kerberos protocol (computer network authorization protocol), the deployment client needs to use the kerberos protocol for authentication during the registration process. Right, need to configure /etc/krb5.conf; Therefore, in order to ensure the reliable execution of the registration process, it is necessary to detect and confirm that the deployment client has the first preset statement /etc/krb5.conf; if the configuration file of the deployment client contains this For the first default statement, it is necessary to further determine whether the configuration file contains the second default statement kerberos.example.com; the second default statement is kerberos.example.com, which is used to determine whether the configuration file is the default , if the configuration file contains the second default statement, it can be determined that no other service is applying this configuration file; in this example, if the configuration file contains the first default statement but not the second default statement, then The configuration file representing the deployment client is applied by other services. If the agent deployment process continues, there is a high probability that other services will be abnormal. If the detection determines that the configuration file of the deployment client contains the first preset statement and the second If the default statement is used, it is determined that the test is passed.
若自动化运维工具为Ansiblee,则部署服务端可以基于Ansiblee的shell模块执行cat/etc/krb5.conf|grep kerberos.example.com检测客户端的第一预设语句和第二预设语句。若Ansiblee的shell返回不为空,则代理部署流程可以继续执行,否则,检测不通过,可以发生相应的告警,通知工作人员处理。保证了代理部署的可靠性。If the automated operation and maintenance tool is Ansiblee, the deployment server can execute cat /etc/krb5.conf|grep kerberos.example.com based on the shell module of Ansiblee to detect the first preset statement and the second preset statement of the client. If the return of Ansiblee's shell is not empty, the agent deployment process can continue to execute. Otherwise, if the detection fails, a corresponding alarm can be generated to notify the staff to deal with it. The reliability of agent deployment is guaranteed.
步骤302、所述部署服务端接收检测通过通知后,基于所述自动化运维工具向所述部署客户端发送安装代理指令;所述安装代理指令用于指示所述部署客户端从软件包管理器获取代理软件包并安装代理程序; Step 302, after the deployment server receives the detection pass notification, it sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool; the installation agent instruction is used to instruct the deployment client to download from the software package manager Get the agent package and install the agent;
此处,基于上述示例,软件包管理器为Yum(全称为Yellow dog Updater,Modified);则部署服务端使用Ansiblee的yum模块向部署客户端发送安装代理指令,使得部署客户端从管理服务器中获取代理软件包。另外,部署服务端该可以通过Ansiblee监测部署客户端和管理服务器中的yum系统,若yum系统出现异常,则可以直接对其进行修复,若无法进行修复,则产生告警。这里需要说明的是,代理软件包中还可以包含其他软件包等,如,还可以包含SUDO,一种用于生成指令的程序,代理程序在安装完成后可以根据该SUDO软件包将SUDO更新到最新版。Here, based on the above example, the package manager is Yum (full name Yellow dog Updater, Modified); then the deployment server uses Ansiblee's yum module to send installation agent instructions to the deployment client, so that the deployment client obtains from the management server Proxy package. In addition, the deployment server can monitor the yum system in the deployment client and management server through Ansiblee. If the yum system is abnormal, it can be repaired directly. If it cannot be repaired, an alarm will be generated. What needs to be explained here is that the agent software package can also contain other software packages, such as SUDO, a program for generating instructions. After the installation is completed, the agent program can update SUDO to new.
步骤303、所述部署服务端基于所述自动化运维工具,将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名; Step 303, the deployment server changes the first host name to a second host name based on the automated operation and maintenance tool, the first host name is the original host name of the deployment client, and the second host name is the hostname in the preset format;
此处,预设格式的主机名可以是部署客户端的基础信息,如,域名、IP地址、运营商等等,可以根据具体需要设置,这里对预设格式的具体设置方式不做限定。Here, the host name in the preset format can be the basic information for deploying the client, such as domain name, IP address, operator, etc., which can be set according to specific needs, and the specific setting method of the preset format is not limited here.
步骤304、所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果; Step 304, the deployment server obtains the registration result of the deployment client on the management server based on the automated operation and maintenance tool;
步骤305、所述部署服务端基于所述自动化运维工具,将所述第二主机名恢复为所述第一主机名。 Step 305, the deployment server restores the second host name to the first host name based on the automated operation and maintenance tool.
此处,可以将‘将所述第二主机名恢复为所述第一主机名’的恢复机制设置为救济机制,即,不论在此之前的程序执行成功还是失败,或者出现任何异常等等,最终都要将预设格式的主机名恢复为原主机名,以保证部署客户端中的其它服务正常运行。Here, the recovery mechanism of 'reverting the second host name to the first host name' can be set as a relief mechanism, that is, no matter whether the previous program execution succeeds or fails, or any abnormality occurs, etc., In the end, the host name in the preset format must be restored to the original host name to ensure the normal operation of other services in the deployed client.
上述方法中,通过将自动化运维工具安装在部署服务端中,使得部署服务端根据本地的部署客户端IP,直接指示部署客户端安装代理程序。相比于现有技术中需要搭建发布系统架构来说,本申请无需搭建传统的发布系统,可以有效的降低部署工作量以及准备周期,且提高部署效率。且在安装代理程序之前,检测部署客户端的代理程序安装条件,可以保证代理程序在部署客户端中正常运行。部署服务端将部署客户端的原主机名变更为预设格式的主机名,并在获取部署客户端在管理服务器的注册结果后,将主机名恢复为原主机名。如此,使得管理服务器中的各部署客户端的主机名均为预设格式的主机名,预设格式可以根据需要设置,便于管理服务器对各部署客户端进行管理。后续在注册完成后,将主机名恢复为原主机名,还可以防止发生其他服务应用原主机名时,由于主机名的变更导致其他服务异常的情况。即,在保证部署客户端的各服务正常运行的情况下,提高管理部署客户端的简便性。In the above method, by installing the automated operation and maintenance tool in the deployment server, the deployment server directly instructs the deployment client to install the agent program according to the local IP of the deployment client. Compared with the need to build a publishing system architecture in the prior art, this application does not need to build a traditional publishing system, which can effectively reduce the deployment workload and preparation period, and improve deployment efficiency. And before installing the agent program, detecting the installation condition of the agent program on the deployment client can ensure the normal operation of the agent program on the deployment client. The deployment server changes the original host name of the deployment client to a host name in a preset format, and restores the host name to the original host name after obtaining the registration result of the deployment client on the management server. In this way, the host name of each deployment client in the management server is a host name in a preset format, and the preset format can be set as required, so that the management server can manage each deployment client. After the registration is completed, restoring the host name to the original host name can also prevent other services from being abnormal due to the change of the host name when the original host name is applied to other services. That is, in the case of ensuring the normal operation of each service of the deployed client, the convenience of managing the deployed client is improved.
本申请实施例提供了一种基于自动化运维工具的代理部署方法,向所述部署客户端发送安装代理指令之后,还包括:所述部署服务端基于所述自动化运维工具,监测所述部署客户端的安装状态;若在预设时段内未安装成功,则基于所述自动化运维工具向所述部署客户端发送结束安装指令。也就是说,在部署客户端接收安装代理指令后,基于该安装代理指令从管理服务器获取代理软件包并安装;而部署服务端在发送安装代理指令后针对每个部署客户端生成对应的监测进程,监测部署客户端安装代理程序的状态,若部署客户端在预设时间内没有完成安装,则发送结束安装指令,使得部署客户端结束代理程序的安装并记录该部署客户端。如此,可以及时确认部署客户端处于异常状态,还可以防止部署客户端一直在不断尝试连接管理服务器,导致任 务卡住,浪费网络资源。An embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool. After sending an installation agent instruction to the deployment client, it further includes: the deployment server monitors the deployment based on the automated operation and maintenance tool. The installation status of the client; if the installation is not successful within a preset period of time, an instruction to end the installation is sent to the deployment client based on the automated operation and maintenance tool. That is to say, after the deployment client receives the installation agent instruction, it obtains and installs the agent software package from the management server based on the installation agent instruction; and the deployment server generates a corresponding monitoring process for each deployment client after sending the installation agent instruction , monitor the status of the deployment client installation agent program, if the deployment client does not complete the installation within the preset time, then send an end installation instruction, so that the deployment client ends the installation of the agent program and records the deployment client. In this way, it can be confirmed in time that the deployment client is in an abnormal state, and it can also prevent the deployment client from continuously trying to connect to the management server, causing the task to be stuck and wasting network resources.
基于上述示例,部署服务端Ansiblee发送安装代理指令后,Ansiblee将一次性运行所有的部署客户端安装代理任务,并将所有的部署客户端安装代理任务丢到后台执行,每个安装代理任务有一个job_id,Ansiblee根据这个job_id每隔一段时间轮询检测该安装代理任务的执行情况,直到检测到安装代理任务执行结束。如,该安装代理任务最长30秒,Ansiblee会等待该安装代理任务最长30秒,期间每隔5秒钟检测一次安装代理任务的执行结果,如果过了30秒还未安装成功,则该部署客户端安装代理的安装状态为失败;部署服务端向该部署客户端发送结束安装指令,还可以记录相关异常状况,产生告警。Based on the above example, after the deployment server Ansiblee sends the installation agent command, Ansiblee will run all the deployment client installation agent tasks at one time, and throw all the deployment client installation agent tasks to the background for execution. Each installation agent task has one job_id, Ansiblee polls and detects the execution status of the installation agent task at regular intervals according to the job_id until it detects that the execution of the installation agent task ends. For example, if the installation agent task is up to 30 seconds, Ansiblee will wait for the installation agent task for up to 30 seconds, and check the execution result of the installation agent task every 5 seconds. If the installation is not successful after 30 seconds, then the The installation status of the deployment client installation agent is failure; the deployment server sends an instruction to end the installation to the deployment client, and can also record relevant abnormal conditions and generate an alarm.
本申请实施例提供了一种基于自动化运维工具的代理部署方法,所述部署服务端基于所述自动化运维工具,将第一主机名变更为第二主机名,包括:所述部署服务端基于所述自动化运维工具,检测所述部署客户端安装成功后,发送主机名变更指令;所述主机名变更指令用于指示所述部署客户端将第二主机名作为所述部署客户端的主机名;An embodiment of the present application provides an agent deployment method based on an automated operation and maintenance tool, wherein the deployment server changes the first host name to a second host name based on the automated operation and maintenance tool, including: the deployment server Based on the automated operation and maintenance tool, after detecting that the deployment client is successfully installed, a host name change instruction is sent; the host name change instruction is used to instruct the deployment client to use the second host name as the host of the deployment client name;
所述部署服务端基于所述自动化运维工具,将所述第二主机名恢复为所述第一主机名,包括:The deployment server restores the second host name to the first host name based on the automated operation and maintenance tool, including:
所述部署服务端基于所述自动化运维工具,向所述部署客户端发送主机名恢复指令;所述主机名恢复指令用于指示所述部署客户端将第一主机名更新为所述部署客户端的主机名。此处,为便于管理服务器对部署客户端的管理,则使得管理服务器中的各部署客户端的主机名的格式为预设格式。例如,IP地址+域名。则在部署服务端发送主机名变更指令至部署客户端之后,部署客户端根据主机名变更指令将原主机名-第一主机名变更为第二主机名,并将第一主机名和第二主机名对应存储。当注册等管理服务器与部署客户端之间的相关流程结束后,部署服务端发送主机名恢复指令至部署客户端,将第一主机名恢复为第二主机名。如此,防止主机名变更导致依赖于第一主机名的其它服务发生异常。The deployment server sends a host name restoration instruction to the deployment client based on the automated operation and maintenance tool; the host name restoration instruction is used to instruct the deployment client to update the first host name to the deployment client The hostname of the client. Here, in order to facilitate the management server to manage the deployment clients, the format of the host name of each deployment client in the management server is a preset format. For example, IP address + domain name. Then, after the deployment server sends the host name change command to the deployment client, the deployment client changes the original host name-the first host name to the second host name according to the host name change command, and changes the first host name and the second host name corresponding storage. After registration and other related processes between the management server and the deployment client are completed, the deployment server sends a host name restoration command to the deployment client to restore the first host name to the second host name. In this way, the change of the host name is prevented from causing abnormalities in other services that depend on the first host name.
基于上述示例,Ansible生成注册指令并发送至部署客户端,客户端接收 该注册指令后,运行代理程序ipa-client-install开始执行注册程序。注册时,Ansible通过主机名变更指令指示部署客户端将原主机名变更为预设格式的主机名:IP地址+域名,并调用ipa-client-install获取本机第二主机名,将该第二主机名发送到管理服务器中,作为本部署客户端在管理服务器中的标识。其中,在执行ipa-client-install之前先记录第一主机名和第二主机名的对应关系,并设置临时的第二主机名,将第二主机名发送至管理服务器。在这个过程中,执行ipa-client-install成功,流程结束,还原主机名,即,将第二主机名改为第一主机名;如果执行ipa-client-install失败,流程结束,也需要有机制确保还原主机名的动作,也就是说,不论注册成功与否都要执行主机名恢复步骤,这个步骤可以使用Ansiblee的block\always机制。Based on the above example, Ansible generates a registration command and sends it to the deployment client. After receiving the registration command, the client runs the agent program ipa-client-install to start the registration process. When registering, Ansible instructs the deployment client to change the original host name to the host name in the preset format through the host name change command: IP address + domain name, and calls ipa-client-install to obtain the second host name of the machine, and the second The host name is sent to the management server as the identification of the deployment client in the management server. Wherein, before executing ipa-client-install, record the corresponding relationship between the first host name and the second host name, set a temporary second host name, and send the second host name to the management server. In this process, if the execution of ipa-client-install is successful, the process ends, and the host name is restored, that is, the second host name is changed to the first host name; if the execution of ipa-client-install fails, the process ends, and a mechanism is also required Ensure that the action to restore the hostname, that is, perform the hostname restoration step regardless of whether the registration is successful or not, this step can use Ansiblee's block\always mechanism.
本申请实施例提供了一种地址追加方法,向所述部署客户端发送安装代理指令之后,还包括:所述部署服务端基于所述自动化运维工具,向所述部署客户端发送地址追加指令,所述地址追加指令中包含查找指令,所述地址追加指令用于指示所述部署客户端在根据所述查找指令确认域名文件中不包含所述管理服务器的域名和IP地址时,在域名文件中追加所述管理服务器的域名和IP地址。此处,部署服务端基于自动化运维工具向部署客户端发送地址追加指令,部署客户端在接收到该地址后追加指令后,将该地址追加指令中的管理服务器的域名和IP地址追加在域名文件的目标位置。如此,防止直接在域名文件中替换掉其它域名和IP,导致部署客户端的配置丢失,造成部署客户端可能出现异常的情况发生。这里通过直接在域名文件中追加管理服务器的IP地址和域名,可以降低部署客户端对域名服务器的依赖。An embodiment of the present application provides an address addition method. After sending the installation agent instruction to the deployment client, it further includes: the deployment server sends an address addition instruction to the deployment client based on the automated operation and maintenance tool. , the address addition instruction includes a search instruction, and the address addition instruction is used to instruct the deployment client to add the domain name file in the domain name file when it confirms that the domain name file does not contain the domain name and IP address of the management server according to the search instruction. Add the domain name and IP address of the management server to . Here, the deployment server sends an address addition command to the deployment client based on the automated operation and maintenance tool. After receiving the address and adding the command, the deployment client adds the domain name and IP address of the management server in the address addition command to the domain name. The target location of the file. In this way, it is prevented that other domain names and IPs are directly replaced in the domain name file, resulting in the loss of the configuration of the deployment client, which may cause abnormal situations in the deployment client. Here, by directly adding the IP address and domain name of the management server to the domain name file, the deployment client's dependence on the domain name server can be reduced.
基于上述示例,部署服务端使用Ansiblee的linefile模块实现部署客户端中的域名文件/etc/hosts文件的地址追加;并且该地址追加指令中可以设置对应的查找指令,若域名文件的目标位置已经包含该IP地址和域名,则无需重复追加地址。如此,即使该地址追加动作多次执行,也不会造成在域名文件中无限制的追加IP地址和域名。Based on the above example, the deployment server uses the linefile module of Ansiblee to implement the address addition of the domain name file /etc/hosts file in the deployment client; and the corresponding search command can be set in the address addition command, if the target location of the domain name file already contains For the IP address and domain name, there is no need to add the address repeatedly. In this way, even if the address adding action is executed multiple times, it will not result in unlimited addition of IP addresses and domain names in the domain name file.
本申请实施例提供了一种鉴权方法,向所述部署客户端发送地址追加指 令之后,还包括:所述部署服务端基于所述自动化运维工具,向所述部署客户端发送注册指令,所述注册指令用于指示所述部署客户端将所述管理服务器的域名和IP地址添加到鉴权配置文件,并根据所述鉴权配置文件对所述管理服务器进行鉴权。也就是说,部署客户端根据注册指令将域名文件中的管理服务器的域名和IP地址加到鉴权配置文件,以根据鉴权配置文件对管理服务器进行鉴权。如此,保证部署客户端和管理服务器之间鉴权的可靠性。An embodiment of the present application provides an authentication method. After sending an address addition instruction to the deployment client, it further includes: the deployment server sends a registration instruction to the deployment client based on the automated operation and maintenance tool, The registration instruction is used to instruct the deployment client to add the domain name and IP address of the management server to the authentication configuration file, and to authenticate the management server according to the authentication configuration file. That is to say, the deployment client adds the domain name and IP address of the management server in the domain name file to the authentication configuration file according to the registration instruction, so as to authenticate the management server according to the authentication configuration file. In this way, the reliability of authentication between the deployment client and the management server is guaranteed.
本申请实施例提供了一种注册方法,所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果,包括:所述部署服务端基于所述自动化运维工具,获取所述部署客户端注册完成状态,则向所述部署客户端发送测试指令,所述测试指令用于指示所述部署客户端测试在所述管理服务器是否注册成功。在上述示例中,部署服务器将测试指令发送至部署客户端,以测试部署客户端是否注册成功;部署客户端可以执行id用户名命令;若管理服务器能够准确接收部署客户端的该执行id用户名命令,并返回该用户名对应的信息,则确定注册成功;若部署客户端确定接收的信息为空,显示nosuch user信息,即为注册失败。An embodiment of the present application provides a registration method, wherein the deployment server acquires the registration result of the deployment client on the management server based on the automated operation and maintenance tool, including: the deployment server obtains the registration result of the deployment client based on the automated operation and maintenance tool A tool for obtaining the registration completion status of the deployment client, and then sending a test instruction to the deployment client, where the test instruction is used to instruct the deployment client to test whether the registration with the management server is successful. In the above example, the deployment server sends a test command to the deployment client to test whether the deployment client is successfully registered; the deployment client can execute the id username command; if the management server can accurately receive the execution id username command of the deployment client , and return the information corresponding to the user name, it means that the registration is successful; if the deployment client confirms that the received information is empty and displays nosuch user information, it means that the registration has failed.
本申请实施例提供了一种更改配置方法,向所述部署客户端发送安装代理指令之后,还包括:所述部署服务端基于所述自动化运维工具,获取所述部署客户端注册成功状态,所述部署服务端基于所述自动化运维工具,向所述部署客户端发送配置更改指令,所述配置更改指令用于指示所述部署客户端在所述代理程序的目标位置追加配置文件。也就是说,当部署服务端确定部署客户端和管理服务器之间注册成功,还可以通过配置更改指令更改部署客户端中的配置,更改方式为在代理程序的目标位置追加配置文件。如此,可以保证部署客户端中的配置完整,防止配置文件的丢失。基于上述示例,若要修改sudo的配置,如,需要将的sudo的权限修改为支持时间选项,需打开sudo_timed开关,则可以像更新域名文件/etc/hosts那样使用lineinfile模块,匹配到某目标位置后添加对应配置。另外,若配置文件是ini格式的,则可以采用ansible的ini_file模块修改配置文件,保证格式统一,配置文件可以被 可靠应用。The embodiment of the present application provides a configuration change method, after sending the installation agent instruction to the deployment client, it further includes: the deployment server obtains the successful registration status of the deployment client based on the automated operation and maintenance tool, The deployment server sends a configuration change instruction to the deployment client based on the automated operation and maintenance tool, and the configuration change instruction is used to instruct the deployment client to add a configuration file at the target location of the agent program. That is to say, when the deployment server determines that the registration between the deployment client and the management server is successful, it can also change the configuration in the deployment client through a configuration change command, and the modification method is to add a configuration file to the target location of the agent. In this way, the integrity of the configuration in the deployment client can be ensured and the loss of configuration files can be prevented. Based on the above example, if you want to modify the sudo configuration, for example, you need to modify the sudo permission to support the time option, you need to turn on the sudo_timed switch, you can use the lineinfile module like updating the domain name file /etc/hosts to match a certain target location Then add the corresponding configuration. In addition, if the configuration file is in the ini format, you can use the ini_file module of ansible to modify the configuration file to ensure that the format is uniform and the configuration file can be applied reliably.
基于上述方法流程,本申请实施例提供了一种基于自动化运维工具的代理部署方法流程,如图4所示,包括:Based on the above method flow, the embodiment of the present application provides an agent deployment method flow based on an automated operation and maintenance tool, as shown in FIG. 4 , including:
步骤401、部署服务端基于安装的自动化运维工具,生成检测指令,并将该检测指令发送至部署客户端。Step 401, the deployment server generates a detection instruction based on the installed automatic operation and maintenance tool, and sends the detection instruction to the deployment client.
步骤402、部署客户端接收到该检测指令后,检测自身是否符合安装代理条件,若符合,则生成检测通过通知发送至部署服务端;若不符合安装代理条件,则结束流程。Step 402: After receiving the detection instruction, the deployment client detects whether it meets the conditions for installing the agent, and if so, generates a detection notification and sends it to the deployment server; if it does not meet the conditions for installing the agent, the process ends.
步骤403、部署服务端接收到检测通过通知后,基于自动化运维工具生成安装代理指令。Step 403 , after receiving the detection pass notification, the deployment server generates an installation agent instruction based on the automated operation and maintenance tool.
步骤404、部署服务端针对该部署客户端生成监测进程;该监测进程中设置检测频率,以该检测频率检测部署客户端代理程序的安装状态,若部署客户端代理程序安装失败,则结束该安装程序;且该监测进程中还设置有预设时段,若在预设时段内,部署客户端仍然未完成代理程序的安装,则结束该安装程序,产生告警。Step 404, the deployment server generates a monitoring process for the deployment client; the detection frequency is set in the monitoring process, and the installation status of the deployment client agent is detected with the detection frequency, and if the installation of the deployment client agent fails, the installation is terminated program; and a preset time period is also set in the monitoring process, if within the preset time period, the deployment client has not yet completed the installation of the agent program, the installation program will end and an alarm will be generated.
步骤405、部署服务端将该安装代理指令发送至部署客户端。Step 405, the deployment server sends the installation agent instruction to the deployment client.
步骤406、部署客户端根据该安装代理指令生成代理软件包加载请求,并发送至软件包管理器。Step 406, the deployment client generates an agent software package loading request according to the installation agent instruction, and sends it to the software package manager.
步骤407、软件包管理器接收代理软件包加载请求后,将该代理软件包发送至部署客户端。Step 407: After receiving the proxy software package loading request, the software package manager sends the proxy software package to the deployment client.
步骤408、部署客户端接收代理软件包,并安装代理程序。Step 408, the deployment client receives the agent software package, and installs the agent program.
步骤409、部署服务端检测到部署客户端代理程序安装成功后,生成主机名变更指令,将主机名变更指令发送至部署客户端。Step 409: After the deployment server detects that the agent program of the deployment client is installed successfully, it generates a host name change instruction, and sends the host name change instruction to the deployment client.
步骤410、部署客户端根据该主机名变更指令,将第一主机名变更为第二主机名,并记录第一主机名和第二主机名的对应关系。Step 410, the deployment client changes the first host name to the second host name according to the host name change instruction, and records the correspondence between the first host name and the second host name.
步骤411、部署服务端生成地址追加指令,并发送至部署客户端。Step 411 , the deployment server generates an address addition instruction, and sends it to the deployment client.
步骤412、部署客户端接收地址追加指令后,根据地址追加指令将管理服 务器的域名和IP地址追加在域名文件的目标位置,其中,地址追加指令中可以包含查找指令,用于查找目标位置是否已经包含该管理服务器的域名和IP地址,防止重复追加,浪费网络资源。Step 412: After receiving the address addition instruction, the deployment client appends the domain name and IP address of the management server to the target location of the domain name file according to the address addition instruction, wherein the address addition instruction may include a search instruction for finding whether the target location has Contains the domain name and IP address of the management server to prevent repeated additions and waste of network resources.
步骤413、部署服务端生成注册指令,并发送至部署客户端。Step 413, the deployment server generates a registration instruction and sends it to the deployment client.
步骤414、部署客户端接收该注册指令后,将管理服务器的域名和IP地址添加到鉴权配置文件。Step 414: After receiving the registration instruction, the deployment client adds the domain name and IP address of the management server to the authentication configuration file.
步骤415、部署客户端根据管理服务器的域名和IP地址将包含自身的IP地址和第二主机名等信息的注册信息发送至管理服务器。Step 415, the deployment client sends registration information including its own IP address and second host name to the management server according to the domain name and IP address of the management server.
步骤416、管理服务器接收部署客户端发送的注册信息并记录。Step 416, the management server receives and records the registration information sent by the deployment client.
步骤417、部署服务端发送测试指令至部署客户端。Step 417, the deployment server sends a test command to the deployment client.
步骤418、部署客户端接收测试指令后,执行ID用户名指令,将该ID用户名指令发送至管理服务器。Step 418: After receiving the test instruction, the deployment client executes the ID user name instruction, and sends the ID user name instruction to the management server.
步骤419、管理服务器根据该ID用户名指令生成对应的回复信息,并将该回复信息发送至部署客户端。Step 419, the management server generates corresponding reply information according to the ID username command, and sends the reply information to the deployment client.
步骤420、部署客户端接收到的回复信息为空,则确定注册失败;若接收到的回复信息不为空,则注册成功。Step 420, if the reply information received by the deployment client is empty, then it is determined that the registration fails; if the received reply information is not empty, the registration is successful.
步骤421、部署服务端检测到部署客户端的注册结果,指示部署客户端将第二主机名恢复为第一主机名。Step 421 , the deployment server detects the registration result of the deployment client, and instructs the deployment client to restore the second hostname to the first hostname.
步骤422、部署服务器向部署客户端发送配置更改指令。Step 422, the deployment server sends a configuration change instruction to the deployment client.
步骤423、部署客户端根据配置更改指令在代理程序的目标位置追加配置文件。Step 423, the deployment client appends a configuration file to the target location of the agent program according to the configuration change instruction.
这里需要说明的是,上述流程步骤并不唯一,步骤409和步骤410可以在步骤411至步骤414任一步骤前后执行;步骤404可以在步骤405之前执行也可以在步骤405之后执行。因此,上述流程步骤只是一种示例,并不对本方案具体实施做限定。It should be noted here that the above process steps are not unique, and step 409 and step 410 can be performed before and after any step from step 411 to step 414; step 404 can be performed before step 405 or after step 405. Therefore, the above process steps are just an example, and do not limit the specific implementation of this solution.
基于同样的构思,本申请实施例提供一种基于自动化运维工具的代理部署的装置,图5为本申请实施例提供的一种基于自动化运维工具的代理部署 的装置示意图,如图5示,包括:Based on the same idea, an embodiment of the present application provides a device for deploying an agent based on an automated operation and maintenance tool. FIG. ,include:
处理模块501用于基于安装的自动化运维工具,通过发送模块502向部署客户端发送检测指令;The processing module 501 is used to send detection instructions to the deployment client through the sending module 502 based on the installed automated operation and maintenance tool;
所述处理模块501通过接收模块503接收检测通过通知后,基于所述自动化运维工具,通过所述发送模块502向所述部署客户端发送安装代理指令;所述安装代理指令用于指示所述部署客户端从软件包管理器获取代理软件包并安装代理程序;After the processing module 501 receives the detection pass notification through the receiving module 503, based on the automated operation and maintenance tool, it sends an installation agent instruction to the deployment client through the sending module 502; the installation agent instruction is used to instruct the The deployment client fetches the agent package from the package manager and installs the agent;
所述处理模块501基于所述自动化运维工具,将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名;所述处理模块501基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果;所述处理模块501基于所述自动化运维工具,将所述第二主机名恢复为所述第一主机名。The processing module 501 changes the first host name to a second host name based on the automated operation and maintenance tool, the first host name is the original host name of the deployment client, and the second host name is preset format; the processing module 501 obtains the registration result of the deployment client in the management server based on the automated operation and maintenance tool; the processing module 501 obtains the second host based on the automated operation and maintenance tool name reverts to the first hostname.
可选的,所述处理模块501还用于:基于所述自动化运维工具,监测所述部署客户端的安装状态;若在预设时段内未安装成功,则基于所述自动化运维工具,通过所述发送模块502向所述部署客户端发送结束安装指令。Optionally, the processing module 501 is further configured to: monitor the installation status of the deployment client based on the automated operation and maintenance tool; if the installation is not successful within a preset period of time, based on the automated operation and maintenance tool, through The sending module 502 sends an installation end instruction to the deployment client.
可选的,所述处理模块501用于:基于所述自动化运维工具,检测所述部署客户端安装成功后,通过所述发送模块502发送主机名变更指令;所述主机名变更指令用于指示所述部署客户端将第二主机名作为所述部署客户端的主机名;所述第二主机名为预设格式的主机名;所述处理模块501基于所述自动化运维工具,通过所述发送模块502向所述部署客户端发送主机名恢复指令;所述主机名恢复指令用于指示所述部署客户端将第一主机名更新为所述部署客户端的主机名;所述第一主机名为所述部署客户端的原主机名。Optionally, the processing module 501 is configured to: based on the automated operation and maintenance tool, after detecting that the deployment client is successfully installed, send a hostname change instruction through the sending module 502; the hostname change instruction is used to Instructing the deployment client to use the second host name as the host name of the deployment client; the second host name is a host name in a preset format; the processing module 501 is based on the automated operation and maintenance tool, through the The sending module 502 sends a hostname recovery instruction to the deployment client; the hostname recovery instruction is used to instruct the deployment client to update the first hostname to the hostname of the deployment client; the first hostname The original hostname for the deployment client.
可选的,所述处理模块501还用于:基于所述自动化运维工具,通过所述发送模块502向所述部署客户端发送地址追加指令,所述地址追加指令中包含查找指令,所述地址追加指令用于指示所述部署客户端在根据所述查找指令确认域名文件中不包含所述管理服务器的域名和IP地址时,在域名文件中追加所述管理服务器的域名和IP地址。Optionally, the processing module 501 is further configured to: based on the automated operation and maintenance tool, send an address addition instruction to the deployment client through the sending module 502, the address addition instruction includes a search instruction, and the The address addition instruction is used to instruct the deployment client to add the domain name and IP address of the management server to the domain name file when confirming that the domain name file does not contain the domain name and IP address of the management server according to the search instruction.
可选的,所述处理模块501还用于:基于所述自动化运维工具,通过所述发送模块502向所述部署客户端发送注册指令,所述注册指令用于指示所述部署客户端将所述管理服务器的域名和IP地址添加到鉴权配置文件,并根据所述鉴权配置文件对所述管理服务器进行鉴权。Optionally, the processing module 501 is further configured to: based on the automated operation and maintenance tool, send a registration instruction to the deployment client through the sending module 502, the registration instruction is used to instruct the deployment client to The domain name and IP address of the management server are added to the authentication configuration file, and the management server is authenticated according to the authentication configuration file.
可选的,所述处理模块501还用于:基于所述自动化运维工具,获取所述部署客户端注册完成状态,则通过所述发送模块502向所述部署客户端发送测试指令,所述测试指令用于指示所述部署客户端测试在所述管理服务器是否注册成功。Optionally, the processing module 501 is further configured to: obtain the registration completion status of the deployment client based on the automated operation and maintenance tool, and send a test instruction to the deployment client through the sending module 502, the The test instruction is used to instruct the deployment client to test whether the registration on the management server is successful.
可选的,所述处理模块501还用于:基于所述自动化运维工具,获取所述部署客户端注册成功状态,所述处理模块501基于所述自动化运维工具,通过所述发送模块502向所述部署客户端发送配置更改指令,所述配置更改指令用于指示所述部署客户端在所述代理程序的目标位置追加配置文件。Optionally, the processing module 501 is further configured to: obtain the successful registration status of the deployment client based on the automated operation and maintenance tool, and the processing module 501 uses the sending module 502 based on the automated operation and maintenance tool Sending a configuration change instruction to the deployment client, where the configuration change instruction is used to instruct the deployment client to add a configuration file at the target location of the agent program.
基于同样的构思,本申请实施例提供一种基于自动化运维工具的代理部署的装置,图6为本申请实施例提供的一种基于自动化运维工具的代理部署的装置示意图,如图6示,包括:处理模块601用于基于安装的自动化运维工具,并通过发送模块602向部署客户端发送检测指令;处理模块601根据所述检测指令检测到本地包含鉴权配置文件,且所述鉴权配置文件中包含预设语句,生成检测通过通知,并通过所述发送模块602将所述检测通过通知发送至所述部署服务端;通过接收模块603接收所述检测通过通知后,所述发送模块602基于所述自动化运维工具向所述部署客户端发送安装代理指令;所述处理模块601根据所述安装代理指令从软件包管理器获取代理软件包并安装代理程序;所述处理模块601基于所述自动化运维工具,检测所述部署客户端安装成功后,通过所述发送模块602发送主机名变更指令至所述部署客户端;所述处理模块601根据所述主机变更指令将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名;所述处理模块601在管理服务器进行注册,并获取注册结果;所述处理模块601基于所述自动化运维工具,获取所述部署客户端在 管理服务器的注册结果,将所述第二主机名恢复为所述第一主机名。Based on the same idea, an embodiment of the present application provides a device for deploying an agent based on an automated operation and maintenance tool. FIG. , including: the processing module 601 is used for the installation-based automated operation and maintenance tool, and sends a detection instruction to the deployment client through the sending module 602; the processing module 601 detects that the local authentication configuration file is included according to the detection instruction, and the authentication The right configuration file contains preset sentences, generates a notification of passing the detection, and sends the notification of passing the detection to the deployment server through the sending module 602; after receiving the notification of passing the detection through the receiving module 603, the sending Module 602 sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool; the processing module 601 obtains an agent software package from the software package manager according to the installation agent instruction and installs an agent program; the processing module 601 Based on the automated operation and maintenance tool, after detecting that the deployment client is successfully installed, the sending module 602 sends a host name change command to the deployment client; the processing module 601 sends the first host name change command according to the host change command. The host name is changed to a second host name, the first host name is the original host name of the deployment client, and the second host name is a host name in a preset format; the processing module 601 registers with the management server, And obtain the registration result; the processing module 601 obtains the registration result of the deployment client on the management server based on the automatic operation and maintenance tool, and restores the second host name to the first host name.
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present application may be provided as methods, systems, or computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本申请是参照根据本申请的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the present application. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor, or processor of other programmable data processing equipment to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing equipment produce a An apparatus for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart or blocks of the flowchart and/or the block or blocks of the block diagrams.
显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的精神和范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various changes and modifications to the application without departing from the spirit and scope of the application. In this way, if these modifications and variations of the present application fall within the scope of the claims of the present application and their equivalent technologies, the present application is also intended to include these modifications and variations.

Claims (10)

  1. 一种基于自动化运维工具的代理部署方法,其特征在于,所述方法包括:A method for deploying an agent based on an automated operation and maintenance tool, wherein the method includes:
    部署服务端基于安装的自动化运维工具,向部署客户端发送检测指令;The deployment server sends detection instructions to the deployment client based on the installed automated operation and maintenance tool;
    所述部署服务端接收检测通过通知后,基于所述自动化运维工具向所述部署客户端发送安装代理指令;所述安装代理指令用于指示所述部署客户端从软件包管理器获取代理软件包并安装代理程序;After receiving the detection pass notification, the deployment server sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool; the installation agent instruction is used to instruct the deployment client to obtain the agent software from the software package manager Package and install the agent;
    所述部署服务端基于所述自动化运维工具,将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名;The deployment server changes the first host name to a second host name based on the automated operation and maintenance tool, the first host name is the original host name of the deployment client, and the second host name is preset The hostname in the format;
    所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果;The deployment server obtains the registration result of the deployment client on the management server based on the automated operation and maintenance tool;
    所述部署服务端基于所述自动化运维工具,将所述第二主机名恢复为所述第一主机名。The deployment server restores the second host name to the first host name based on the automated operation and maintenance tool.
  2. 如权利要求1中所述的方法,其特征在于,向所述部署客户端发送安装代理指令之后,还包括:The method according to claim 1, further comprising: after sending the installation agent instruction to the deployment client:
    所述部署服务端基于所述自动化运维工具,监测所述部署客户端的安装状态;The deployment server monitors the installation status of the deployment client based on the automated operation and maintenance tool;
    若在预设时段内未安装成功,则基于所述自动化运维工具向所述部署客户端发送结束安装指令。If the installation is not successful within a preset period of time, an instruction to end the installation is sent to the deployment client based on the automated operation and maintenance tool.
  3. 如权利要求1中所述的方法,其特征在于,所述部署服务端基于所述自动化运维工具,将第一主机名变更为第二主机名,包括:The method according to claim 1, wherein the deployment server changes the first host name to the second host name based on the automated operation and maintenance tool, including:
    所述部署服务端基于所述自动化运维工具,检测所述部署客户端安装成功后,发送主机名变更指令;所述主机名变更指令用于指示所述部署客户端将第二主机名作为所述部署客户端的主机名;After the deployment server detects that the deployment client is successfully installed based on the automated operation and maintenance tool, it sends a host name change instruction; the host name change instruction is used to instruct the deployment client to use the second host name as the The host name of the deployment client;
    所述部署服务端基于所述自动化运维工具,将所述第二主机名恢复为所 述第一主机名,包括:The deployment server restores the second host name to the first host name based on the automated operation and maintenance tool, including:
    所述部署服务端基于所述自动化运维工具,向所述部署客户端发送主机名恢复指令;所述主机名恢复指令用于指示所述部署客户端将第一主机名更新为所述部署客户端的主机名。The deployment server sends a host name restoration instruction to the deployment client based on the automated operation and maintenance tool; the host name restoration instruction is used to instruct the deployment client to update the first host name to the deployment client The hostname of the client.
  4. 如权利要求1中所述的方法,其特征在于,向所述部署客户端发送安装代理指令之后,还包括:The method according to claim 1, further comprising: after sending the installation agent instruction to the deployment client:
    所述部署服务端基于所述自动化运维工具,向所述部署客户端发送地址追加指令,所述地址追加指令中包含查找指令,所述地址追加指令用于指示所述部署客户端在根据所述查找指令确认域名文件中不包含所述管理服务器的域名和IP地址时,在域名文件中追加所述管理服务器的域名和IP地址。The deployment server sends an address addition instruction to the deployment client based on the automated operation and maintenance tool, the address addition instruction includes a search instruction, and the address addition instruction is used to instruct the deployment client When the above search command confirms that the domain name and IP address of the management server are not included in the domain name file, the domain name and IP address of the management server are added to the domain name file.
  5. 如权利要求4中所述的方法,其特征在于,向所述部署客户端发送地址追加指令之后,还包括:The method according to claim 4, further comprising: after sending the address addition instruction to the deployment client:
    所述部署服务端基于所述自动化运维工具,向所述部署客户端发送注册指令,所述注册指令用于指示所述部署客户端将所述管理服务器的域名和IP地址添加到鉴权配置文件,并根据所述鉴权配置文件对所述管理服务器进行鉴权。The deployment server sends a registration instruction to the deployment client based on the automated operation and maintenance tool, and the registration instruction is used to instruct the deployment client to add the domain name and IP address of the management server to the authentication configuration file, and authenticate the management server according to the authentication configuration file.
  6. 如权利要求1中所述的方法,其特征在于,所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果,包括:The method according to claim 1, wherein the deployment server obtains the registration result of the deployment client on the management server based on the automated operation and maintenance tool, including:
    所述部署服务端基于所述自动化运维工具,获取所述部署客户端注册完成状态,则向所述部署客户端发送测试指令,所述测试指令用于指示所述部署客户端测试在所述管理服务器是否注册成功。The deployment server obtains the registration completion status of the deployment client based on the automated operation and maintenance tool, and then sends a test instruction to the deployment client, and the test instruction is used to instruct the deployment client to test in the Whether the management server is successfully registered.
  7. 如权利要求1中所述的方法,其特征在于,向所述部署客户端发送安装代理指令之后,还包括:The method according to claim 1, further comprising: after sending the installation agent instruction to the deployment client:
    所述部署服务端基于所述自动化运维工具,获取所述部署客户端注册成功状态,The deployment server acquires the successful registration status of the deployment client based on the automated operation and maintenance tool,
    所述部署服务端基于所述自动化运维工具,向所述部署客户端发送配置更改指令,所述配置更改指令用于指示所述部署客户端在所述代理程序的目 标位置追加配置文件。The deployment server sends a configuration change instruction to the deployment client based on the automated operation and maintenance tool, and the configuration change instruction is used to instruct the deployment client to add a configuration file at the target location of the agent program.
  8. 一种基于自动化运维工具的代理部署方法,其特征在于,所述方法包括:A method for deploying an agent based on an automated operation and maintenance tool, wherein the method includes:
    部署服务端基于安装的自动化运维工具,向部署客户端发送检测指令;The deployment server sends detection instructions to the deployment client based on the installed automated operation and maintenance tool;
    所述部署客户端根据所述检测指令检测到本地包含鉴权配置文件,且所述鉴权文件中包含预设语句,生成检测通过通知,并将所述检测通过通知发送至所述部署服务端;The deployment client detects that an authentication configuration file is included locally according to the detection instruction, and the authentication file contains a preset statement, generates a detection pass notification, and sends the detection pass notification to the deployment server ;
    所述部署服务端接收所述检测通过通知后,基于所述自动化运维工具向所述部署客户端发送安装代理指令;After the deployment server receives the detection pass notification, it sends an installation agent instruction to the deployment client based on the automated operation and maintenance tool;
    所述部署客户端根据所述安装代理指令从软件包管理器获取代理软件包并安装代理程序;The deployment client obtains the agent software package from the software package manager according to the installation agent instruction and installs the agent program;
    所述部署服务端基于所述自动化运维工具,检测所述部署客户端安装成功后,发送主机名变更指令至所述部署客户端;The deployment server sends a host name change command to the deployment client after detecting that the deployment client is successfully installed based on the automated operation and maintenance tool;
    所述部署客户端根据所述主机变更指令将第一主机名变更为第二主机名,所述第一主机名为所述部署客户端的原主机名,所述第二主机名为预设格式的主机名;The deployment client changes the first host name to a second host name according to the host change instruction, the first host name is the original host name of the deployment client, and the second host name is in a preset format. CPU name;
    所述部署客户端在管理服务器进行注册,并获取注册结果;The deployment client registers with the management server and obtains a registration result;
    所述部署服务端基于所述自动化运维工具,获取所述部署客户端在管理服务器的注册结果,将所述第二主机名恢复为所述第一主机名。The deployment server obtains the registration result of the deployment client on the management server based on the automated operation and maintenance tool, and restores the second hostname to the first hostname.
  9. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有程序,当所述程序在计算机上运行时,使得计算机实现执行权利要求1至8中任一项所述的方法。A computer-readable storage medium, characterized in that, the computer-readable storage medium stores a program, and when the program is run on a computer, the computer implements the method described in any one of claims 1 to 8 .
  10. 一种计算机设备,其特征在于,包括:A computer device, characterized in that it includes:
    存储器,用于存储计算机程序;memory for storing computer programs;
    处理器,用于调用所述存储器中存储的计算机程序,按照获得的程序执行如权利要求1至8任一权利要求所述的方法。The processor is configured to call the computer program stored in the memory, and execute the method according to any one of claims 1 to 8 according to the obtained program.
PCT/CN2021/141134 2021-06-22 2021-12-24 Automated operation and maintenance tool-based proxy deployment method and apparatus WO2022267407A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110691764.XA CN113438292A (en) 2021-06-22 2021-06-22 Agent deployment method and device based on automatic operation and maintenance tool
CN202110691764.X 2021-06-22

Publications (1)

Publication Number Publication Date
WO2022267407A1 true WO2022267407A1 (en) 2022-12-29

Family

ID=77756995

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/141134 WO2022267407A1 (en) 2021-06-22 2021-12-24 Automated operation and maintenance tool-based proxy deployment method and apparatus

Country Status (2)

Country Link
CN (1) CN113438292A (en)
WO (1) WO2022267407A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116647434A (en) * 2023-07-24 2023-08-25 国网瑞嘉(天津)智能机器人有限公司 Operation and maintenance service deployment method and device and operation and maintenance system

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113438292A (en) * 2021-06-22 2021-09-24 深圳前海微众银行股份有限公司 Agent deployment method and device based on automatic operation and maintenance tool
CN115002067A (en) * 2022-04-19 2022-09-02 深圳市共进电子股份有限公司 Client host name processing method, device, system, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110750273A (en) * 2019-10-14 2020-02-04 交控科技股份有限公司 Automatic deployment method and system for cloud platform
US20200379435A1 (en) * 2019-05-29 2020-12-03 Atos It Services Uk Limited Method and electronic generation device for generating at least one configuration file for an automation tool, related computer program
CN112947951A (en) * 2021-03-26 2021-06-11 深圳云之家网络有限公司 Software installation method and related equipment
CN113438292A (en) * 2021-06-22 2021-09-24 深圳前海微众银行股份有限公司 Agent deployment method and device based on automatic operation and maintenance tool

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200379435A1 (en) * 2019-05-29 2020-12-03 Atos It Services Uk Limited Method and electronic generation device for generating at least one configuration file for an automation tool, related computer program
CN110750273A (en) * 2019-10-14 2020-02-04 交控科技股份有限公司 Automatic deployment method and system for cloud platform
CN112947951A (en) * 2021-03-26 2021-06-11 深圳云之家网络有限公司 Software installation method and related equipment
CN113438292A (en) * 2021-06-22 2021-09-24 深圳前海微众银行股份有限公司 Agent deployment method and device based on automatic operation and maintenance tool

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
FRENAUD: "V4/ClientInstallationWithAnsible", 12 September 2017 (2017-09-12), XP093016371, Retrieved from the Internet <URL:https://www.freeipa.org/page/V4/ClientInstallationWithAnsible> [retrieved on 20230123] *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116647434A (en) * 2023-07-24 2023-08-25 国网瑞嘉(天津)智能机器人有限公司 Operation and maintenance service deployment method and device and operation and maintenance system
CN116647434B (en) * 2023-07-24 2023-10-20 国网瑞嘉(天津)智能机器人有限公司 Operation and maintenance service deployment method and device and operation and maintenance system

Also Published As

Publication number Publication date
CN113438292A (en) 2021-09-24

Similar Documents

Publication Publication Date Title
WO2022267407A1 (en) Automated operation and maintenance tool-based proxy deployment method and apparatus
CN110647580B (en) Distributed container cluster mirror image management main node, slave node, system and method
CN108549580B (en) Method for automatically deploying Kubernets slave nodes and terminal equipment
US9253265B2 (en) Hot pluggable extensions for access management system
US8850587B2 (en) Network security scanner for enterprise protection
US8775577B1 (en) System and method for configuration management service
US20170161059A1 (en) Management of multiple application programming interface versions for development environments
US10797952B1 (en) Intelligent rollback analysis of configuration changes
JP2006520975A (en) Non-intrusive automatic off-site patch fingerprinting and updating system and method
US10796001B2 (en) Software verification method and apparatus
US7624309B2 (en) Automated client recovery and service ticketing
US6804773B1 (en) System and method for transferring information over a network
JP2006107500A (en) Updating software during its execution
CN111045854B (en) Method, apparatus and computer readable medium for managing service containers
US11231919B2 (en) Live updates of stateful components
US10331418B2 (en) State machine representation of a development environment deployment process
WO2020123693A1 (en) Control token and hierarchical dynamic control
US11057285B2 (en) Non-intrusive IT device monitoring and performing action based on IT device state
CN113760339A (en) Vulnerability repair method and device
US20130179548A1 (en) Uniquely identifying a machine
US10075559B1 (en) Server configuration management system and methods
US9348849B1 (en) Backup client zero-management
US10949306B2 (en) System and method of a cloud service provider virtual machine recovery
US7350065B2 (en) Method, apparatus and program storage device for providing a remote power reset at a remote server through a network connection
US20220350628A1 (en) Managed virtual machines

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21946881

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE